Check CVE Id
Check CWE Id
IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user at job submission time due to improper file permission settings. IBM X-Force ID: 147439.
(Improper Access Control)
CVSS Base Score
API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626.
IBM DataPower Gateway 2018.4.1.0, 18.104.22.168 through 22.214.171.124, 126.96.36.199 through 188.8.131.52, 184.108.40.206 through 220.127.116.11, 18.104.22.168 through 22.214.171.124, and 126.96.36.199 through 188.8.131.52 could allow an authenticated user to inject arbitrary messages that would be display...
IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IB...
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. The lack of proper session termination may allow attackers with local access to login into a closed browser session. IBM X-For...
IBM App Connect V184.108.40.206 through V220.127.116.11, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V18.104.22.168 through V22.214.171.124, and WebSphere Message Broker V126.96.36.199 through V188.8.131.52 is vulnerable to a XML External Entity Injection (XX...
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM. IBM X-Force ID: 145110.
IBM API Connect 184.108.40.206 through 220.127.116.11 is impacted by sensitive information disclosure via a REST API that could allow a user with administrative privileges to obtain highly sensitive information. IBM X-Force ID: 154031.
Back to Top