Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-28 CVE-2023-50303 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
6.1
6.1
2024-02-26 CVE-2022-34357 IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting.
network
low complexity
netapp ibm
6.5
6.5
2024-02-26 CVE-2023-30996 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins.
network
low complexity
netapp ibm
5.3
5.3
2024-02-26 CVE-2023-32344 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path.
network
low complexity
netapp ibm
4.3
4.3
2024-02-26 CVE-2023-38359 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting.
network
low complexity
netapp ibm
6.1
6.1
2024-02-26 CVE-2023-43051 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting.
network
low complexity
netapp ibm
5.4
5.4
2024-02-21 CVE-2023-33843 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2024-02-17 CVE-2022-41737 Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace.
local
low complexity
ibm
6.5
6.5
2024-02-17 CVE-2023-50951 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts.
network
low complexity
ibm
4.3
4.3
2024-02-17 CVE-2024-22335 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
5.5