Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-09 CVE-2019-4428 Cross-site Scripting vulnerability in IBM Watson Assistant for IBM Cloud PAK for Data 1.0.0/1.3.0
IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-12-03 CVE-2019-4468 Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-12-03 CVE-2019-4467 Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-12-03 CVE-2019-4226 Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-12-03 CVE-2019-4098 Cross-site Scripting vulnerability in IBM Cloud PAK System 2.3/2.3.0.1
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-11-25 CVE-2019-4406 Unspecified vulnerability in IBM Spectrum Protect Backup-Archive Client
IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications.
local
low complexity
ibm
4.4
4.4
2019-11-25 CVE-2018-2025 Incorrect Default Permissions vulnerability in IBM products
IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone.
local
low complexity
ibm CWE-276
4.4
4.4
2019-11-22 CVE-2019-4570 Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data.
network
low complexity
ibm CWE-209
5.3
5.3
2019-11-22 CVE-2019-4569 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-11-22 CVE-2019-4243 Unspecified vulnerability in IBM Smartcloud Analytics LOG Analysis
IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks.
local
low complexity
ibm
4.4
4.4