Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-20 | CVE-2023-38718 | Unspecified vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. | 5.3 |
2023-09-20 | CVE-2023-40368 | Unspecified vulnerability in IBM Storage Protect IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. | 4.4 |
2023-09-08 | CVE-2022-22402 | Cross-site Scripting vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. | 5.4 |
2023-09-08 | CVE-2022-22409 | Unspecified vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. | 5.3 |
2023-09-08 | CVE-2022-22405 | Missing Encryption of Sensitive Data vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2023-09-08 | CVE-2023-24965 | Exposure of Resource to Wrong Sphere vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. | 5.3 |
2023-09-08 | CVE-2023-32332 | Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. | 5.4 |
2023-09-05 | CVE-2023-22870 | Cleartext Transmission of Sensitive Information vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. | 5.9 |
2023-09-05 | CVE-2023-29261 | Insecure Storage of Sensitive Information vulnerability in IBM Sterling External Authentication Server 6.0.3.0/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. | 5.5 |
2023-09-05 | CVE-2022-43903 | Unspecified vulnerability in IBM Security Guardium 10.6/11.3/11.4 IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. | 6.5 |