Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2020-03-23 CVE-2019-4718 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.0
IBM Jazz for Service Management 3.13 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-03-16 CVE-2019-4617 Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0
IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability.
local
low complexity
ibm linux CWE-384
3.6
3.6
2020-03-16 CVE-2019-4619 Information Exposure Through an Error Message vulnerability in IBM MQ, MQ Appliance and Websphere MQ
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.
local
low complexity
ibm hp linux microsoft oracle CWE-209
2.1
2.1
2020-03-16 CVE-2019-4719 Unspecified vulnerability in IBM MQ, MQ Appliance and Websphere MQ
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data.
local
low complexity
ibm hp linux microsoft oracle
2.1
2.1
2020-03-10 CVE-2019-4608 Cross-site Scripting vulnerability in IBM Tivoli Workload Scheduler 9.3
IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-03-10 CVE-2020-4162 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-03-03 CVE-2020-4196 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-03-03 CVE-2020-4197 Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
2.1
2.1
2020-03-03 CVE-2020-4198 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-02-26 CVE-2019-4596 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5