Shodan
Vulnerabilities
Vulnerable Software
Ibm:  Security Vulnerabilities
CVE-2020-4499
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.
CVSS Score
7.3
EPSS Score
0.004
Published
2020-10-15
CVE-2020-4395
IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 179358.
CVSS Score
6.3
EPSS Score
0.001
Published
2020-10-14
CVE-2020-4689
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.
CVSS Score
6.8
EPSS Score
0.007
Published
2020-10-12
CVE-2020-4740
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 188150.
CVSS Score
5.2
EPSS Score
0.001
Published
2020-10-12
CVE-2020-4741
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188197.
CVSS Score
6.4
EPSS Score
0.002
Published
2020-10-12
CVE-2020-4302
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection. By persuading a victim to open a specially-crafted excel file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176610.
CVSS Score
5.5
EPSS Score
0.014
Published
2020-10-12
CVE-2020-4388
IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of service attack by failing to catch exceptions in a servlet also exposing debug information could also be used in future attacks. IBM X-Force ID: 179270.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-10-12
CVE-2020-4678
IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. IBM X-Force ID: 186423.
CVSS Score
4.9
EPSS Score
0.002
Published
2020-10-12
CVE-2020-4679
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424.
CVSS Score
4.8
EPSS Score
0.002
Published
2020-10-12
CVE-2020-4680
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186426.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-10-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved