Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-12 | CVE-2022-42436 | Unspecified vulnerability in IBM MQ IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. | 3.3 |
| 2023-02-01 | CVE-2023-23469 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-16 | CVE-2022-34354 | Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-14 | CVE-2022-34314 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. | 3.3 |
| 2022-11-14 | CVE-2022-34313 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. | 3.1 |
| 2022-11-14 | CVE-2022-34312 | Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-03 | CVE-2022-42442 | Unspecified vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. | 3.3 |
| 2022-09-08 | CVE-2022-22314 | Unspecified vulnerability in IBM Planning Analytics Workspace 2.0 IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-08-01 | CVE-2022-22326 | Incorrect Authorization vulnerability in IBM products IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. | 3.3 |
| 2022-07-14 | CVE-2022-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. | 3.8 |