Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-03-21 CVE-2024-22352 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
2024-03-15 CVE-2021-38938 Unspecified vulnerability in IBM Host Access Transformation Services
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm
5.5
2024-03-15 CVE-2023-47147 Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions.
network
low complexity
ibm
5.3
2024-03-15 CVE-2023-47699 Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
6.1
2024-03-15 CVE-2023-46179 Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm
4.3
2024-03-15 CVE-2023-46182 Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2024-03-15 CVE-2023-47162 Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
6.1
2024-03-14 CVE-2024-27265 Unspecified vulnerability in IBM Integration BUS 10.1/10.1.0.2/10.1.0.3
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm
6.5
2024-03-01 CVE-2023-28525 Unspecified vulnerability in IBM products
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
4.8
2024-03-01 CVE-2023-28949 Unspecified vulnerability in IBM products
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm
6.5