Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2019-4027 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-05 | CVE-2018-1939 | Open Redirect vulnerability in IBM Cloud Private 3.1.1 IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2019-03-05 | CVE-2018-1875 | Open Redirect vulnerability in IBM products IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2019-02-27 | CVE-2019-4061 | Information Exposure vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. | 5.3 |
| 2019-02-27 | CVE-2018-1775 | Information Exposure vulnerability in IBM products IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. | 4.0 |
| 2019-02-21 | CVE-2018-2006 | Path Traversal vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2019-02-21 | CVE-2018-1950 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1 IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system. | 4.0 |
| 2019-02-21 | CVE-2018-1949 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1 IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. | 4.0 |
| 2019-02-21 | CVE-2018-1948 | Session Fixation vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1 IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2019-02-21 | CVE-2018-1947 | Cross-site Scripting vulnerability in IBM Security Identity Governance and Intelligence 5.2.2.1 IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. | 4.3 |