Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-38894 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-11-12 CVE-2021-38973 Improper Input Validation vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
network
low complexity
ibm CWE-20
2.7
2021-10-15 CVE-2020-4951 Information Exposure vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
local
low complexity
ibm netapp CWE-200
3.3
2021-09-23 CVE-2021-20377 Information Exposure Through an Error Message vulnerability in IBM Security Guardium 11.3
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-09-23 CVE-2020-4809 Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2021-09-23 CVE-2020-4805 Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2021-09-23 CVE-2020-4803 Insecure Storage of Sensitive Information vulnerability in IBM Edge Application Manager 4.2
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2021-07-20 CVE-2021-20478 Unspecified vulnerability in IBM Cloud PAK System 2.3
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console.
local
low complexity
ibm
3.3
2021-07-15 CVE-2021-20534 Open Redirect vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
3.5
2021-07-15 CVE-2021-20523 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7