Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-17 | CVE-2024-22335 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-17 | CVE-2024-22336 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-17 | CVE-2024-22337 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-12 | CVE-2022-22506 | Unspecified vulnerability in IBM Robotic Process Automation 21.0.2 IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. low complexity ibm | 4.6 |
| 2024-02-12 | CVE-2022-34311 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. low complexity ibm | 4.3 |
| 2024-02-12 | CVE-2022-38714 | Insufficiently Protected Credentials vulnerability in IBM Datastage IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. | 4.9 |
| 2024-02-10 | CVE-2024-22312 | Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2024-02-09 | CVE-2023-32341 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. | 6.5 |
| 2024-02-09 | CVE-2023-42016 | Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2024-02-09 | CVE-2023-45190 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |