CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30997 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30997
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254638 https://www.ibm.com/support/pages/node/7158790 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30998 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30998
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254649 https://www.ibm.com/support/pages/node/7158790 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38371 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38371
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261198 https://www.ibm.com/support/pages/node/7158790 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42014 – IBM Sterling B2B Integrator Standard Edition cross-site scripting
https://notcve.org/view.php?id=CVE-2023-42014
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265511. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265511 https://www.ibm.com/support/pages/node/7158654 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31916 – IBM OpenBMC information disclosure
https://notcve.org/view.php?id=CVE-2024-31916
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026. • https://exchange.xforce.ibmcloud.com/vulnerabilities/290026 https://www.ibm.com/support/pages/node/7158679 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •