Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2022-43578
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-02-22
CVE-2022-43870
IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. IBM X-Force ID: 239540.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-02-22
CVE-2022-43873
An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-02-22
CVE-2023-25928
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 247646.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-02-21
CVE-2022-34351
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. IBM X-Force ID: 230402.
CVSS Score
5.9
EPSS Score
0.0
Published
2023-02-17
CVE-2022-40231
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-02-17
CVE-2022-43579
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-02-17
CVE-2023-24960
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-17
CVE-2022-40232
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-02-17
CVE-2022-41734
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 237587.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved