Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-09 | CVE-2024-22318 | Session Fixation vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. | 5.5 |
| 2024-02-09 | CVE-2024-22332 | Unspecified vulnerability in IBM Integration BUS 10.1/10.1.0.2 The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. | 6.5 |
| 2024-02-07 | CVE-2023-31002 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Access Manager Container IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. | 5.5 |
| 2024-02-06 | CVE-2024-22331 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. | 5.5 |
| 2024-02-06 | CVE-2023-46183 | Unspecified vulnerability in IBM Powervm Hypervisor IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information. | 4.4 |
| 2024-02-04 | CVE-2023-33851 | Unspecified vulnerability in IBM Powervm Hypervisor IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. | 4.9 |
| 2024-02-04 | CVE-2023-50947 | Unspecified vulnerability in IBM products IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2024-02-03 | CVE-2023-32329 | Unspecified vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. | 5.5 |
| 2024-02-02 | CVE-2023-47144 | Unspecified vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. | 6.1 |
| 2024-02-02 | CVE-2022-40744 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. | 5.4 |