Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-22	CVE-2020-4616	Unspecified vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request. network low complexity ibm	5.3
2020-09-22	CVE-2020-4615	Cross-site Scripting vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2020-09-22	CVE-2020-4612	Unspecified vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. network low complexity ibm	6.5
2020-09-21	CVE-2020-4731	Cross-site Scripting vulnerability in IBM Aspera Shares 1.9.14 IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2020-09-21	CVE-2020-4590	Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. network low complexity ibm	6.5
2020-09-21	CVE-2020-4315	Insecure Storage of Sensitive Information vulnerability in IBM Business Automation Content Analyzer on Cloud 1.0 IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. network low complexity ibm CWE-922	4.3
2020-09-16	CVE-2020-4708	Unspecified vulnerability in IBM Security Trusteer Pinpoint Detect 11.6.5 IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some information due to using a wildcard in the Access-Control-Allow-Origin header. network low complexity ibm	5.3
2020-09-15	CVE-2020-8339	Cross-site Scripting vulnerability in IBM Bladecenter Advanced Management Module Firmware 3.68I A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N]. network low complexity ibm CWE-79	6.1
2020-09-15	CVE-2020-4711	Path Traversal vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to traverse directories on the system. network low complexity ibm CWE-22	6.5
2020-09-15	CVE-2020-4530	Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow C.D.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4