Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-02 | CVE-2023-38019 | Unspecified vulnerability in IBM Soar Qradar Plugin APP 1.0 IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. | 6.5 |
2024-02-02 | CVE-2023-38020 | Unspecified vulnerability in IBM Soar Qradar Plugin APP 1.0 IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. | 4.3 |
2024-02-02 | CVE-2023-46159 | Unspecified vulnerability in IBM Storage Ceph 5.3Z1/5.3Z5/6.1Z1 IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. | 6.5 |
2024-02-02 | CVE-2023-50328 | Exposure of Resource to Wrong Sphere vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. | 5.3 |
2024-02-02 | CVE-2023-50934 | Improper Authentication vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. | 5.3 |
2024-02-02 | CVE-2023-50935 | Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. | 6.5 |
2024-02-02 | CVE-2023-50938 | Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
2024-02-02 | CVE-2023-50941 | Unspecified vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. | 5.4 |
2024-02-02 | CVE-2023-50327 | Interpretation Conflict vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. | 5.3 |
2024-02-02 | CVE-2023-50933 | Cross-site Scripting vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. | 6.1 |