Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-03 | CVE-2022-42442 | Unspecified vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. | 3.3 |
| 2022-09-08 | CVE-2022-22314 | Unspecified vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-08-01 | CVE-2022-22326 | Incorrect Authorization vulnerability in IBM products IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. | 3.3 |
| 2022-07-14 | CVE-2022-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. | 3.8 |
| 2022-06-24 | CVE-2021-20551 | Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-06-10 | CVE-2022-22426 | Unspecified vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. | 3.3 |
| 2022-03-14 | CVE-2022-22348 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. | 2.4 |
| 2022-02-16 | CVE-2019-4352 | Unspecified vulnerability in IBM Maximo Anywhere 7.6.4.0 IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. low complexity ibm | 2.4 |
| 2022-01-26 | CVE-2021-29846 | Insufficient Session Expiration vulnerability in IBM Security Guardium Insights 3.0.0 IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | 2.7 |
| 2022-01-10 | CVE-2021-38894 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0 IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |