Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-32339 | Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation IBM Business Automation Workflow is vulnerable to cross-site scripting. | 6.1 |
| 2023-06-22 | CVE-2023-33842 | Unspecified vulnerability in IBM Spss Modeler IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. | 5.5 |
| 2023-06-15 | CVE-2022-33159 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Directory Suite VA 8.0.1/8.0.1.19 IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. | 6.5 |
| 2023-06-08 | CVE-2023-23480 | Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting. | 5.4 |
| 2023-06-08 | CVE-2023-23481 | Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-06-08 | CVE-2023-33846 | Cross-site Scripting vulnerability in IBM Cics TX and Txseries for Multiplatform IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2023-06-07 | CVE-2023-33848 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. | 6.5 |
| 2023-06-05 | CVE-2023-27861 | Cleartext Transmission of Sensitive Information vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0 IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. | 5.9 |
| 2023-06-05 | CVE-2023-32334 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8.0 stores sensitive information in URL parameters. | 5.3 |
| 2023-05-19 | CVE-2023-22878 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. | 5.5 |