Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-21 | CVE-2023-33843 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2024-02-17 | CVE-2022-41737 | Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0 IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. | 6.5 |
| 2024-02-17 | CVE-2023-50951 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts. | 4.3 |
| 2024-02-17 | CVE-2024-22335 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-17 | CVE-2024-22336 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-17 | CVE-2024-22337 | Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2024-02-12 | CVE-2022-22506 | Unspecified vulnerability in IBM Robotic Process Automation 21.0.2 IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. low complexity ibm | 4.6 |
| 2024-02-12 | CVE-2022-34311 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. low complexity ibm | 4.3 |
| 2024-02-12 | CVE-2022-38714 | Insufficiently Protected Credentials vulnerability in IBM Datastage IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. | 4.9 |
| 2024-02-10 | CVE-2024-22312 | Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |