Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-12 | CVE-2020-4673 | Insecure Storage of Sensitive Information vulnerability in IBM Workload Automation 9.5 IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. | 4.3 |
| 2021-01-11 | CVE-2020-4869 | Classic Buffer Overflow vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. | 6.5 |
| 2021-01-08 | CVE-2020-4733 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 5.4 |
| 2021-01-08 | CVE-2020-4697 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 5.4 |
| 2021-01-08 | CVE-2020-4691 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. | 5.4 |
| 2021-01-08 | CVE-2020-4544 | Information Exposure Through an Error Message vulnerability in IBM products IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2021-01-08 | CVE-2020-4487 | Information Exposure Through an Error Message vulnerability in IBM products IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2021-01-08 | CVE-2020-5022 | Missing Authorization vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. | 5.3 |
| 2021-01-08 | CVE-2020-5021 | Session Fixation vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. | 4.4 |
| 2021-01-08 | CVE-2020-5020 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |