Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-08 | CVE-2022-34306 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
| 2022-07-05 | CVE-2022-31770 | Unspecified vulnerability in IBM APP Connect Enterprise Certified Container 4.2 IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. | 4.9 |
| 2022-07-01 | CVE-2022-22366 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. | 4.4 |
| 2022-07-01 | CVE-2022-22367 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. | 5.5 |
| 2022-07-01 | CVE-2022-22373 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. | 5.4 |
| 2022-06-30 | CVE-2021-38954 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system. | 4.3 |
| 2022-06-30 | CVE-2022-22478 | Cleartext Storage of Sensitive Information vulnerability in IBM Spectrum Protect Client IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2022-06-30 | CVE-2022-22494 | Unspecified vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. | 5.3 |
| 2022-06-30 | CVE-2022-22496 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Spectrum Protect Server While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. | 6.5 |
| 2022-06-29 | CVE-2021-39074 | Cross-site Scripting vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 is vulnerable to cross-site scripting. | 6.1 |