Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-15 CVE-2022-43874 Cross-site Scripting vulnerability in IBM APP Connect Enterprise Certified Container
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2023-03-10 CVE-2023-24975 Improper Input Validation vulnerability in IBM Spectrum Symphony 7.3.0
IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-20
6.1
2023-03-02 CVE-2022-35645 Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-02-27 CVE-2023-22860 Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-02-24 CVE-2022-43923 Information Exposure Through Log Files vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0
IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user.
local
low complexity
ibm CWE-532
5.5
2023-02-22 CVE-2022-43578 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-02-22 CVE-2022-43870 Information Exposure Through Log Files vulnerability in IBM Spectrum Virtualize 8.3.0.0/8.4.0.0/8.5.0.0
IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files.
network
low complexity
ibm CWE-532
6.5
2023-02-21 CVE-2023-25928 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-02-17 CVE-2022-43579 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-02-17 CVE-2022-36775 Injection vulnerability in IBM products
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-74
6.5