CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43919 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2022-43919
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241354 https://www.ibm.com/support/pages/node/6986559 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-30434 – IBM Storage Scale denial of service
https://notcve.org/view.php?id=CVE-2023-30434
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252187 https://www.ibm.com/support/pages/node/6988363 https://www.ibm.com/support/pages/node/6988365 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38707 – IBM Cognos Command Center information disclosure
https://notcve.org/view.php?id=CVE-2022-38707
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179. • https://exchange.xforce.ibmcloud.com/vulnerabilities/234179 https://www.ibm.com/support/pages/node/6983274 • CWE-613: Insufficient Session Expiration •
CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 0CVE-2023-24958 – IBM TS7700 Management Interface command injection
https://notcve.org/view.php?id=CVE-2023-24958
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320. • https://exchange.xforce.ibmcloud.com/vulnerabilities/246320 https://www.ibm.com/support/pages/node/6980845 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-23470 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-23470
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to perform additional administrator operations. IBM X-Force ID: 244510. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244510 https://www.ibm.com/support/pages/node/6987767 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •