Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2021-20368
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-13
CVE-2021-20369
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-07-13
CVE-2021-20422
IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-07-13
CVE-2021-20423
IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-07-13
CVE-2021-20424
IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-07-13
CVE-2021-20360
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195031.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-07-13
CVE-2021-29792
IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450.
CVSS Score
4.7
EPSS Score
0.001
Published
2021-07-12
CVE-2021-29794
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 203556.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-07-12
CVE-2021-29803
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204164.
CVSS Score
6.4
EPSS Score
0.002
Published
2021-07-12
CVE-2021-29804
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204262.
CVSS Score
6.4
EPSS Score
0.002
Published
2021-07-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved