Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-08 CVE-2023-33846 Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-06-07 CVE-2023-33848 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode.
network
low complexity
ibm
6.5
2023-06-05 CVE-2023-27861 Cleartext Transmission of Sensitive Information vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0
IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques.
network
high complexity
ibm CWE-319
5.9
2023-06-05 CVE-2023-32334 Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters.
network
low complexity
ibm
5.3
2023-05-19 CVE-2023-22878 Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
5.5
2023-05-19 CVE-2023-28529 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-05-19 CVE-2023-28950 Unspecified vulnerability in IBM MQ
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled.
local
low complexity
ibm
5.5
2023-05-19 CVE-2023-28514 Information Exposure Through an Error Message vulnerability in IBM MQ
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace.
local
low complexity
ibm CWE-209
5.5
2023-05-12 CVE-2023-27863 Unspecified vulnerability in IBM Spectrum Protect 10.1.13
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores.
network
low complexity
ibm
4.9
2023-05-12 CVE-2023-28520 Cross-site Scripting vulnerability in IBM Planning Analytics Local 2.0.0
IBM Planning Analytics Local 2.0 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4