Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2022-22496 Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Spectrum Protect Server
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL.
low complexity
ibm CWE-307
3.3
2022-06-30 CVE-2022-22478 Cleartext Storage of Sensitive Information vulnerability in IBM Spectrum Protect Client
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1
2022-06-24 CVE-2021-38871 Cross-site Scripting vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2022-06-24 CVE-2021-20551 Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-668
2.1
2022-06-24 CVE-2022-33953 Insufficiently Protected Credentials vulnerability in IBM products
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens.
local
low complexity
ibm CWE-522
2.1
2022-06-24 CVE-2022-22502 Cross-site Scripting vulnerability in IBM products
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2022-06-15 CVE-2022-22444 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service.
local
low complexity
ibm
2.1
2022-06-10 CVE-2022-30611 Cross-site Scripting vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.
network
ibm CWE-79
3.5
2022-06-10 CVE-2022-30610 Improper Privilege Management vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to reverse tabnabbing where it could allow a page linked to from within IBM Spectrum Copy Data Management to rewrite it.
network
ibm CWE-269
3.5
2022-06-10 CVE-2022-22426 Unspecified vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management.
local
low complexity
ibm
3.3