Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-25680 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. | 6.5 |
| 2023-03-15 | CVE-2022-46774 | Incorrect Default Permissions vulnerability in IBM Manage Application 8.4.0/8.5.0 IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. | 6.5 |
| 2023-03-15 | CVE-2023-22876 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. | 6.5 |
| 2023-03-15 | CVE-2022-43874 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-03-10 | CVE-2023-24975 | Improper Input Validation vulnerability in IBM Spectrum Symphony 7.3.0 IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
| 2023-03-02 | CVE-2022-35645 | Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-02-27 | CVE-2023-22860 | Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-02-24 | CVE-2022-43923 | Information Exposure Through Log Files vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0 IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. | 5.5 |
| 2023-02-22 | CVE-2022-43578 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-22 | CVE-2022-43870 | Information Exposure Through Log Files vulnerability in IBM Spectrum Virtualize 8.3.0.0/8.4.0.0/8.5.0.0 IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. | 6.5 |