Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-14 | CVE-2021-20391 | Insecure Storage of Sensitive Information vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0 IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-05-14 | CVE-2020-4811 | Improper Input Validation vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation. | 2.4 |
| 2021-04-09 | CVE-2021-29671 | Unspecified vulnerability in IBM Spectrum Scale 5.1.0.1 IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. | 3.3 |
| 2021-03-02 | CVE-2020-4725 | Unspecified vulnerability in IBM Cloud Application Performance Management 8.1.4 IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. | 3.5 |
| 2021-03-02 | CVE-2020-4726 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-02-11 | CVE-2021-20402 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-01-27 | CVE-2020-4787 | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 2.3 |
| 2021-01-26 | CVE-2020-4889 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. | 3.3 |
| 2021-01-04 | CVE-2020-4919 | Unspecified vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. | 3.8 |
| 2020-12-17 | CVE-2020-4846 | Information Exposure Through an Error Message vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |