Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-34312 Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-03 CVE-2022-42442 Unspecified vulnerability in IBM Robotic Process Automation for Cloud PAK
IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform.
local
low complexity
ibm
3.3
2022-09-08 CVE-2022-22314 Unspecified vulnerability in IBM Planning Analytics Workspace 2.0
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
2022-08-01 CVE-2022-22326 Incorrect Authorization vulnerability in IBM products
IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks.
local
low complexity
ibm CWE-863
3.3
2022-07-14 CVE-2022-22450 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request.
network
low complexity
ibm CWE-434
3.8
2022-06-24 CVE-2021-20551 Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-668
3.3
2022-06-10 CVE-2022-22426 Unspecified vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management.
local
low complexity
ibm
3.3
2022-03-14 CVE-2022-22348 Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Protect Operations Center
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it.
network
low complexity
ibm CWE-352
2.4
2022-02-16 CVE-2019-4352 Unspecified vulnerability in IBM Maximo Anywhere 7.6.4.0
IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code.
low complexity
ibm
2.4
2022-01-26 CVE-2021-29846 Insufficient Session Expiration vulnerability in IBM Security Guardium Insights 3.0.0
IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration.
network
low complexity
ibm CWE-613
2.7