Vulnerabilities > IBM > Storediq > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-03 | CVE-2020-4224 | Cleartext Storage of Sensitive Information vulnerability in IBM Storediq IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. | 5.5 |
| 2019-08-20 | CVE-2019-4167 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Storediq IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2019-07-31 | CVE-2019-4163 | Unspecified vulnerability in IBM Storediq IBM StoreIQ 7.6.0.0. | 4.3 |
| 2019-04-30 | CVE-2019-4166 | Open Redirect vulnerability in IBM Storediq IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2018-11-30 | CVE-2018-1928 | Unspecified vulnerability in IBM Storediq IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. | 5.5 |
| 2018-05-22 | CVE-2018-1583 | Unspecified vulnerability in IBM Storediq 7.6.0 IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. | 5.4 |