Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-24 | CVE-2020-4165 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2020-08-24 | CVE-2020-4382 | Improper Input Validation vulnerability in IBM Elastic Storage Server IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment or upgrade pertaining to xcat services. | 2.1 |
| 2020-08-24 | CVE-2020-4593 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. | 2.1 |
| 2020-08-19 | CVE-2020-4381 | Unspecified vulnerability in IBM Elastic Storage Server IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.6 could allow an authenticated user to cause a denial of service during deployment or upgrade if GUI specific services are enabled. network ibm | 3.5 |
| 2020-08-04 | CVE-2020-4396 | Cross-site Scripting vulnerability in IBM Engineering Test Management 7.0.0 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 3.5 |
| 2020-08-04 | CVE-2020-4525 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 3.5 |
| 2020-08-04 | CVE-2020-4542 | Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors Next 7.0 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 3.5 |
| 2020-08-04 | CVE-2020-4631 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. | 1.9 |
| 2020-07-29 | CVE-2020-4645 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. | 3.5 |
| 2020-07-28 | CVE-2019-4731 | Information Exposure vulnerability in IBM MQ Appliance 9.1.4 IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. | 2.1 |