Vulnerabilities > IBM > Sterling Partner Engagement Manager > 6.1.2

DATE CVE VULNERABILITY TITLE RISK
2024-03-13 CVE-2023-28517 Unspecified vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.2
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2023-10-23 CVE-2023-38722 Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.2
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-10-23 CVE-2023-43045 Missing Authentication for Critical Function vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.2
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication.
network
low complexity
ibm CWE-306
7.5
7.5
2023-06-08 CVE-2023-23480 Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-06-08 CVE-2023-23481 Cross-site Scripting vulnerability in IBM Sterling Partner Engagement Manager
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-06-08 CVE-2023-23482 Unspecified vulnerability in IBM Sterling Partner Engagement Manager
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm
critical
 9.6
9.6
2023-01-11 CVE-2022-34335 Resource Exhaustion vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.1
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service.
network
low complexity
ibm CWE-400
6.5
6.5
2023-01-11 CVE-2022-40615 Unspecified vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.1
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection.
network
low complexity
ibm
critical
 9.8
9.8
2022-09-23 CVE-2022-34348 XXE vulnerability in IBM Sterling Partner Engagement Manager 6.1/6.1.2/6.2.1.0
IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
7.1
2022-07-26 CVE-2022-35639 Unspecified vulnerability in IBM products
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive.
network
low complexity
ibm
7.5
7.5