Ibm: Security Vulnerabilities
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-01-12
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. IBM X-Force ID: 186287.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-01-12
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190036.
CVSS Score
6.4
EPSS Score
0.001
Published
2021-01-12
IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IBM X-Force ID: 190831.
CVSS Score
5.3
EPSS Score
0.005
Published
2021-01-11
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-01-08
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-01-08
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698.
CVSS Score
4.6
EPSS Score
0.002
Published
2021-01-08
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-01-08
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-01-08
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653.
CVSS Score
2.9
EPSS Score
0.0
Published
2021-01-08