CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28760 – IBM App Connect Enterprise denial of service
https://notcve.org/view.php?id=CVE-2024-28760
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244. El panel de IBM App Connect Enterprise 11.0.0.1 a 11.0.0.25 y 12.0.1.0 a 12.0.12.0 es vulnerable a una denegación de servicio debido a restricciones inadecuadas de asignación de recursos. ID de IBM X-Force: 285244. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285244 https://www.ibm.com/support/pages/node/7150845 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28761 – IBM App Connect Enterprise HTML injection
https://notcve.org/view.php?id=CVE-2024-28761
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 285245. IBM App Connect Enterprise 11.0.0.1 a 11.0.0.25 y 12.0.1.0 a 12.0.12.0 es vulnerable a la inyección de HTML. Un atacante remoto podría inyectar código HTML malicioso que, una vez visto, se ejecutaría en el navegador web de la víctima dentro del contexto de seguridad del sitio de alojamiento. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285245 https://www.ibm.com/support/pages/node/7150847 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22345 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22345
IBM TXSeries for Multiplatforms 8.2 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 280192. IBM TXSeries for Multiplatforms 8.2 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible de interceptación y/o recuperación no autorizada. ID de IBM X-Force: 280192. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280192 https://www.ibm.com/support/pages/node/7150667 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22344 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22344
IBM TXSeries for Multiplatforms 8.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 280191. IBM TXSeries for Multiplatforms 8.2 es vulnerable a la inyección de HTML. Un atacante remoto podría inyectar código HTML malicioso que, una vez visto, se ejecutaría en el navegador web de la víctima dentro del contexto de seguridad del sitio de alojamiento. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280191 https://www.ibm.com/support/pages/node/7150667 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22343 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22343
IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 280190. IBM TXSeries for Multiplatforms 8.2 permite almacenar páginas web localmente que pueden ser leídas por otro usuario del sistema. ID de IBM X-Force: 280190. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280190 https://www.ibm.com/support/pages/node/7150667 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •