Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-15 CVE-2022-33159 Cleartext Storage of Sensitive Information vulnerability in IBM Security Directory Suite VA
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
6.5
2023-06-08 CVE-2023-23480 Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-08 CVE-2023-23481 Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-08 CVE-2023-33846 Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-07 CVE-2023-33848 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode.
network
low complexity
ibm
6.5
2023-06-05 CVE-2023-27861 Cleartext Transmission of Sensitive Information vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques.
network
high complexity
ibm CWE-319
5.9
2023-06-05 CVE-2023-32334 Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters.
network
low complexity
ibm
5.3
2023-05-19 CVE-2023-22878 Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
5.5
2023-05-19 CVE-2023-28529 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-05-19 CVE-2023-28950 Unspecified vulnerability in IBM MQ
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled.
local
low complexity
ibm
5.5