Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-46181

Summary
Assigner-ibm
Assigner Org ID-9a959283-ebb5-44b6-b705-dcc2bbced522
Published At-15 Mar, 2024 | 15:13
Updated At-02 Aug, 2024 | 20:37
Rejected At-
Credits

IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–ĽCommon Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ibm
Assigner Org ID:9a959283-ebb5-44b6-b705-dcc2bbced522
Published At:15 Mar, 2024 | 15:13
Updated At:02 Aug, 2024 | 20:37
Rejected At:
â–ĽCVE Numbering Authority (CNA)
IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

Affected Products
Vendor
IBM CorporationIBM
Product
Secure Proxy
Default Status
unaffected
Versions
Affected
  • 6.0.3, 6.1.0
Problem Types
TypeCWE IDDescription
CWECWE-525CWE-525 Information Exposure Through Browser Caching
Type: CWE
CWE ID: CWE-525
Description: CWE-525 Information Exposure Through Browser Caching
Metrics
VersionBase scoreBase severityVector
3.14.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Version: 3.1
Base score: 4.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ibm.com/support/pages/node/7142038
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/269686
vdb-entry
Hyperlink: https://www.ibm.com/support/pages/node/7142038
Resource:
vendor-advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/269686
Resource:
vdb-entry
â–ĽAuthorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.ibm.com/support/pages/node/7142038
vendor-advisory
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/269686
vdb-entry
x_transferred
Hyperlink: https://www.ibm.com/support/pages/node/7142038
Resource:
vendor-advisory
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/269686
Resource:
vdb-entry
x_transferred
Information is not available yet
â–ĽNational Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@us.ibm.com
Published At:15 Mar, 2024 | 16:15
Updated At:19 Mar, 2024 | 17:31

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.13.3LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Secondary3.14.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Primary
Version: 3.1
Base score: 3.3
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 4.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CPE Matches
IBM Corporation
ibm
>>sterling_secure_proxy>>6.0.3
cpe:2.3:a:ibm:sterling_secure_proxy:6.0.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>sterling_secure_proxy>>6.1.0
cpe:2.3:a:ibm:sterling_secure_proxy:6.1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-525Primarypsirt@us.ibm.com
CWE ID: CWE-525
Type: Primary
Source: psirt@us.ibm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/269686psirt@us.ibm.com
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7142038psirt@us.ibm.com
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/269686
Source: psirt@us.ibm.com
Resource:
VDB Entry
Vendor Advisory
Hyperlink: https://www.ibm.com/support/pages/node/7142038
Source: psirt@us.ibm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

76Records found
CVE-2020-4344
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-15 Sep, 2020 | 13:50
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 178247.

Action-Not Available
Vendor-IBM Corporation
Product-tivoli_business_service_managerTivoli Business Service Manager
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4629
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-2.9||LOW
EPSS-0.04% / 12.40%
||
7 Day CHG~0.00%
Published-30 Sep, 2020 | 14:35
Updated-16 Sep, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelwebsphere_application_serverihp-uxwindowsz\/osaixWebSphere Application Server
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2020-4765
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.04% / 12.61%
||
7 Day CHG~0.00%
Published-19 May, 2021 | 19:40
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_pak_for_multicloud_managementCloud Pak for Multicloud Management
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4650
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.04% / 12.61%
||
7 Day CHG~0.00%
Published-09 Nov, 2020 | 20:25
Updated-17 Sep, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023.

Action-Not Available
Vendor-IBM Corporation
Product-maximo_spatial_asset_managementMaximo Spatial Asset Management
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4805
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 16:05
Updated-17 Sep, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539.

Action-Not Available
Vendor-IBM Corporation
Product-edge_application_managerEdge
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4951
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.07% / 20.93%
||
7 Day CHG~0.00%
Published-15 Oct, 2021 | 15:55
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.

Action-Not Available
Vendor-IBM CorporationNetApp, Inc.
Product-cognos_analyticsoncommand_insightCognos Analytics
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-4886
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-13 Nov, 2020 | 15:10
Updated-16 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910.

Action-Not Available
Vendor-IBM Corporation
Product-infosphere_information_serverInfoSphere Information Server
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4556
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.11% / 28.68%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 18:56
Updated-26 Feb, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Financial Transaction Manager information disclosure

IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 183329.

Action-Not Available
Vendor-IBM Corporation
Product-financial_transaction_managerFinancial Transaction Manager
CVE-2020-4591
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-2.9||LOW
EPSS-0.02% / 6.08%
||
7 Day CHG~0.00%
Published-28 Aug, 2020 | 14:35
Updated-17 Sep, 2024 | 00:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixspectrum_protect_serverwindowslinux_kernelSpectrum Protect Server
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2020-4809
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 16:05
Updated-16 Sep, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633.

Action-Not Available
Vendor-IBM Corporation
Product-edge_application_managerEdge
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4726
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.04% / 12.61%
||
7 Day CHG~0.00%
Published-02 Mar, 2021 | 16:55
Updated-16 Sep, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_application_performance_managementCloud APM
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2020-4803
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 16:05
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.

Action-Not Available
Vendor-IBM Corporation
Product-edge_application_managerEdge
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2023-50306
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.02% / 5.30%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 13:51
Updated-12 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Common Licensing information disclosure

IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.

Action-Not Available
Vendor-IBM Corporation
Product-common_licensingCommon Licensing
CWE ID-CWE-203
Observable Discrepancy
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2024-31870
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-3.3||LOW
EPSS-0.06% / 17.98%
||
7 Day CHG~0.00%
Published-15 Jun, 2024 | 13:47
Updated-22 Aug, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM i information disclosure

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174.

Action-Not Available
Vendor-IBM Corporation
Product-iidb2_for_i
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2025-33081
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-3.3||LOW
EPSS-0.00% / 0.18%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 22:14
Updated-11 Feb, 2026 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive information in log files that could be read by a local user.

Action-Not Available
Vendor-Linux Kernel Organization, IncIBM Corporation
Product-linux_kernelconcertConcert
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-22338
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 16.26%
||
7 Day CHG~0.00%
Published-31 May, 2024 | 10:36
Updated-14 Aug, 2025 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Verify Access OIDC Provider information disclosure

IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. IBM X-Force ID: 279978.

Action-Not Available
Vendor-IBM Corporation
Product-security_verify_access_oidc_providerSecurity Verify Access OIDC Provider
CWE ID-CWE-20
Improper Input Validation
CVE-2019-4465
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.08% / 23.71%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 14:55
Updated-17 Sep, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_pak_systemCloud Pak System
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-4395
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.08% / 24.66%
||
7 Day CHG~0.00%
Published-25 Oct, 2019 | 16:30
Updated-17 Sep, 2024 | 00:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files. IBM X-Force ID: 162333.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_orchestratorCloud Orchestrator
CVE-2019-4695
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.02% / 6.49%
||
7 Day CHG~0.00%
Published-26 Aug, 2020 | 19:15
Updated-16 Sep, 2024 | 22:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926.

Action-Not Available
Vendor-IBM Corporation
Product-guardium_data_encryptionSecurity Guardium Data Encryption
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2019-4161
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.04% / 12.61%
||
7 Day CHG~0.00%
Published-06 Jun, 2019 | 20:45
Updated-17 Sep, 2024 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 158660.

Action-Not Available
Vendor-IBM Corporation
Product-security_information_queueSecurity Information Queue
CVE-2019-4174
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 15:10
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158879.

Action-Not Available
Vendor-IBM Corporation
Product-cognos_controllerCognos Controller
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-4132
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 15:00
Updated-16 Sep, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. IBM X-Force ID: 158274.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_automation_managerCloud Automation Manager
CVE-2019-4207
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.04% / 12.40%
||
7 Day CHG~0.00%
Published-07 May, 2019 | 18:35
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148.

Action-Not Available
Vendor-IBM Corporation
Product-tririga_application_platformTRIRIGA Application Platform
CVE-2019-4177
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 15:10
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158882.

Action-Not Available
Vendor-IBM Corporation
Product-cognos_controllerCognos Controller
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-33833
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-2.9||LOW
EPSS-0.02% / 5.07%
||
7 Day CHG~0.00%
Published-31 Aug, 2023 | 12:59
Updated-27 Sep, 2024 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Verify Information Queue information disclosure

IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-security_verify_information_queuelinux_kernelSecurity Verify Information Queue
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2024-31906
Matching Score-6
Assigner-IBM Corporation
ShareView Details
Matching Score-6
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 3.33%
||
7 Day CHG~0.00%
Published-26 Jan, 2025 | 14:36
Updated-14 Aug, 2025 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Automation Decision Services information disclosure

IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.

Action-Not Available
Vendor-IBM Corporation
Product-automation_decision_servicesAutomation Decision Services
CWE ID-CWE-525
Use of Web Browser Cache Containing Sensitive Information
  • Previous
  • 1
  • 2
  • Next
Details not found