Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-23 | CVE-2017-1132 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-23 | CVE-2017-1131 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. | 6.5 |
| 2017-06-23 | CVE-2016-5893 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. | 5.5 |
| 2017-06-22 | CVE-2017-1326 | Improper Privilege Management vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling File Gateway does not properly restrict user requests based on permission level. | 4.3 |
| 2017-06-22 | CVE-2016-9983 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. | 5.3 |
| 2017-06-22 | CVE-2016-9982 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. | 6.5 |
| 2017-06-22 | CVE-2016-9747 | Cross-site Scripting vulnerability in IBM products IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-21 | CVE-2017-1304 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Elastic Storage Server IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file. | 6.2 |
| 2017-06-21 | CVE-2017-1117 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. | 5.3 |
| 2017-06-20 | CVE-2017-3744 | Information Exposure Through Log Files vulnerability in multiple products In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. | 6.5 |