Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-04 | CVE-2020-4866 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-03-04 | CVE-2020-4863 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to stored cross-site scripting. | 5.4 |
| 2021-03-04 | CVE-2020-4857 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to stored cross-site scripting. | 5.4 |
| 2021-03-04 | CVE-2020-4856 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to stored cross-site scripting. | 5.4 |
| 2021-03-03 | CVE-2021-20441 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Bridge IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2021-03-02 | CVE-2020-4719 | Use of Incorrectly-Resolved Name or Reference vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. | 4.9 |
| 2021-02-24 | CVE-2020-4931 | Unspecified vulnerability in IBM MQ 9.1.0/9.1.0.0/9.2.0.0 IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. | 6.5 |
| 2021-02-23 | CVE-2020-4953 | Information Exposure vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about an organization's internal structure by exposing sensitive information in HTTP repsonses. | 4.3 |
| 2021-02-18 | CVE-2021-20446 | Cross-site Scripting vulnerability in IBM Maximo for Civil Infrastructure 7.6.2 IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. | 5.4 |
| 2021-02-18 | CVE-2021-20445 | Insufficiently Protected Credentials vulnerability in IBM Maximo for Civil Infrastructure 7.6.2 IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. | 6.5 |