Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2022-35642
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227592."
CVSS Score
5.4
EPSS Score
0.005
Published
2022-11-03
CVE-2022-22425
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."
CVSS Score
9.8
EPSS Score
0.004
Published
2022-11-03
CVE-2022-22442
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
CVSS Score
6.5
EPSS Score
0.002
Published
2022-11-03
CVE-2021-39077
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-11-03
CVE-2022-38388
IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-10-11
CVE-2022-34334
IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-10-10
CVE-2022-22493
IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.
CVSS Score
3.5
EPSS Score
0.001
Published
2022-10-07
CVE-2022-30613
IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-10-07
CVE-2022-34308
IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-10-07
CVE-2022-36772
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved