Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-15 | CVE-2021-20499 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2021-07-07 | CVE-2021-29759 | Information Exposure Through Log Files vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. | 2.3 |
2021-06-11 | CVE-2021-20396 | Insecure Storage of Sensitive Information vulnerability in IBM Security Qradar Analyst Workflow 1.0/1.18.0 IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2021-06-01 | CVE-2021-20575 | Insecure Storage of Sensitive Information vulnerability in IBM Application Gateway and Security Verify Access IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2021-05-19 | CVE-2020-4765 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud PAK for Multicloud Management IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2021-05-14 | CVE-2021-20391 | Insecure Storage of Sensitive Information vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0 IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2021-05-14 | CVE-2020-4811 | Improper Input Validation vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation. | 2.4 |
2021-04-09 | CVE-2021-29671 | Unspecified vulnerability in IBM Spectrum Scale 5.1.0.1 IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. | 3.3 |
2021-03-02 | CVE-2020-4725 | Unspecified vulnerability in IBM Cloud Application Performance Management 8.1.4 IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. | 3.5 |
2021-03-02 | CVE-2020-4726 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. | 3.3 |