Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-21 CVE-2022-22435 Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2
IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-04-21 CVE-2022-22436 Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2
IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-04-19 CVE-2021-39033 Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
2022-04-19 CVE-2021-39072 Unspecified vulnerability in IBM Security Guardium 11.3
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm
5.9
2022-04-19 CVE-2021-39078 Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium 10.5
IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user.
local
low complexity
ibm CWE-312
4.4
2022-04-14 CVE-2022-22391 Unspecified vulnerability in IBM products
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to.
network
low complexity
ibm
4.3
2022-04-11 CVE-2021-39068 Cross-site Scripting vulnerability in IBM Curam Social Program Management 7.0.11.0/8.0.1
IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2022-04-05 CVE-2022-22355 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance.
network
low complexity
ibm
5.3
2022-04-05 CVE-2022-22356 Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts.
network
low complexity
ibm CWE-203
6.5
2022-04-01 CVE-2022-22328 Unspecified vulnerability in IBM Partner Engagement Manager 6.2.0
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data.
local
low complexity
ibm
6.2