Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2022-22417
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223127.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-07-19
CVE-2021-29788
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203310.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-07-18
CVE-2021-29790
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-07-18
CVE-2021-29799
IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-07-18
CVE-2021-38868
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-07-18
CVE-2022-22445
An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.
CVSS Score
7.6
EPSS Score
0.002
Published
2022-07-18
CVE-2022-22450
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.
CVSS Score
3.8
EPSS Score
0.001
Published
2022-07-14
CVE-2022-22452
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-07-14
CVE-2022-22453
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919.
CVSS Score
5.1
EPSS Score
0.001
Published
2022-07-14
CVE-2022-22460
IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013.
CVSS Score
3.0
EPSS Score
0.002
Published
2022-07-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved