Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-13 | CVE-2017-1421 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes is vulnerable to cross-site scripting. | 4.3 |
| 2017-12-11 | CVE-2017-1613 | Information Exposure vulnerability in IBM Connections 6.0 IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. | 5.0 |
| 2017-12-11 | CVE-2017-1606 | SQL Injection vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. | 6.5 |
| 2017-12-11 | CVE-2017-1550 | Unspecified vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. | 4.0 |
| 2017-12-11 | CVE-2017-1548 | Path Traversal vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. | 5.0 |
| 2017-12-11 | CVE-2017-1507 | Information Exposure vulnerability in IBM products IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. | 4.0 |
| 2017-12-07 | CVE-2017-1497 | Information Exposure vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. | 4.3 |
| 2017-12-07 | CVE-2017-1487 | Information Exposure vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. | 4.0 |
| 2017-12-07 | CVE-2017-1481 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. | 4.0 |
| 2017-12-07 | CVE-2017-1433 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user to insert messages with a corrupt RFH header into the channel which would cause it to restart. | 4.0 |