|
198881
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_pak_system
|
IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.
|
-
|
CVE-2020-4914
|
2024-11-21 14:33 |
2023-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198882
|
8.8 |
HIGH
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954.
|
CWE-20
Improper Input Validation
|
CVE-2020-5002
|
2024-11-21 14:33 |
2023-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198883
|
7.5 |
HIGH
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is …
|
-
|
CVE-2020-5026
|
2024-11-21 14:33 |
2023-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198884
|
7.5 |
HIGH
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot"…
|
CWE-22
Path Traversal
|
CVE-2020-5001
|
2024-11-21 14:33 |
2023-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198885
|
4.3 |
MEDIUM
Network
|
dell
|
emc_isilon_onefs
|
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. This provides the remotesupport user and users with restrict…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-5355
|
2024-11-21 14:33 |
2022-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198886
|
9.1 |
CRITICAL
Network
|
ibm
|
elastic_storage_system
spectrum_scale
|
A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. …
|
CWE-862
Missing Authorization
|
CVE-2020-4926
|
2024-11-21 14:33 |
2022-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198887
|
5.9 |
MEDIUM
Network
|
ibm
|
security_identity_manager
|
IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-4970
|
2024-11-21 14:33 |
2022-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198888
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 1…
|
NVD-CWE-noinfo
|
CVE-2020-4994
|
2024-11-21 14:33 |
2022-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198889
|
5.3 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208.
|
CWE-200
Information Exposure
|
CVE-2020-4957
|
2024-11-21 14:33 |
2022-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198890
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicio…
|
CWE-352
Origin Validation Error
|
CVE-2020-4668
|
2024-11-21 14:33 |
2022-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
