Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-25	CVE-2024-28772	Cross-site Scripting vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. network low complexity ibm CWE-79	5.4
2023-10-14	CVE-2022-33161	Missing Encryption of Sensitive Data vulnerability in IBM products IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network high complexity ibm CWE-311	5.9
2020-10-29	CVE-2019-4563	Session Fixation vulnerability in IBM Security Directory Server 6.4.0.0 IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. network low complexity ibm CWE-384	5.3
2020-10-29	CVE-2019-4547	Information Exposure Through an Error Message vulnerability in IBM Security Directory Server 6.4.0.0 IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. network low complexity ibm CWE-209	5.3
2020-02-04	CVE-2019-4562	Information Exposure vulnerability in IBM Security Directory Server IBM Security Directory Server 6.4.0 stores sensitive information in URLs. network low complexity ibm CWE-200	5.3
2020-02-04	CVE-2019-4551	Missing Authentication for Critical Function vulnerability in IBM Security Directory Server IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. network low complexity ibm CWE-306	5.3
2020-02-04	CVE-2019-4550	Unspecified vulnerability in IBM Security Directory Server IBM Security Directory Server 6.4.0 is deployed with active debugging code that can create unintended entry points. network low complexity ibm	5.3
2020-02-04	CVE-2019-4548	Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Security Directory Server IBM Security Directory Server 6.4.0 could allow a remote attacker to hijack the clicking action of the victim. network low complexity ibm CWE-1021	6.1
2019-10-02	CVE-2019-4549	Insecure Storage of Sensitive Information vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. network low complexity ibm CWE-922	5.3
2019-10-02	CVE-2019-4542	Cross-site Scripting vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1