Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-27 | CVE-2020-4787 | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 2.3 |
| 2021-01-26 | CVE-2020-4889 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. | 3.3 |
| 2021-01-04 | CVE-2020-4919 | Unspecified vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. | 3.8 |
| 2020-12-17 | CVE-2020-4846 | Information Exposure Through an Error Message vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2020-12-16 | CVE-2020-4906 | Insecure Storage of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2020-11-13 | CVE-2020-4886 | Insecure Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. | 3.3 |
| 2020-11-09 | CVE-2020-4650 | Insecure Storage of Sensitive Information vulnerability in IBM Maximo Spatial Asset Management IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2020-11-05 | CVE-2018-1725 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. | 2.3 |
| 2020-11-03 | CVE-2019-4349 | Information Exposure vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. | 3.5 |
| 2020-09-30 | CVE-2020-4629 | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. | 3.3 |