CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2022-35646 – IBM Security Verify Governance, Identity Manager security bypass
https://notcve.org/view.php?id=CVE-2022-35646
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096. El componente de software IBM Security Verify Governance, Identity Manager 10.0.1 podría permitir que un usuario autenticado modifique o cancele la solicitud de acceso de cualquier otro usuario utilizando técnicas de intermediario. ID de IBM X-Force: 231096. • https://exchange.xforce.ibmcloud.com/vulnerabilities/231096 https://www.ibm.com/support/pages/node/6850809 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38391 – IBM Spectrum Control information disclosure
https://notcve.org/view.php?id=CVE-2022-38391
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982. IBM Spectrum Control 5.4 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 233982. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233982 https://www.ibm.com/support/pages/node/6847541 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43382 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2022-43382
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641. IBM AIX 7.1, 7.2, 7.3 y VIOS 3.1 podrían permitir que un usuario local con privilegios elevados aproveche una vulnerabilidad en el lpd daemon para provocar una Denegación de Servicio (DoS). ID de IBM X-Force: 238641. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238641 https://www.ibm.com/support/pages/node/6848309 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43875 – IBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of service
https://notcve.org/view.php?id=CVE-2022-43875
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034. IBM Financial Transaction Manager para SWIFT Services for Multiplatforms 3.2.4 podría permitir que un usuario autenticado bloquee autorizaciones RM adicionales, lo que resultaría en una Denegación de Servicio (DoS) al mostrar o administrar estas autorizaciones. ID de IBM X-Force: 240034. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240034 https://www.ibm.com/support/pages/node/6848881 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43872 – IBM Financial Transaction Manager information disclosure
https://notcve.org/view.php?id=CVE-2022-43872
IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP requests which allows getting unauthorized technical information (e.g. event log entries) about the FTM SWIFT system. IBM X-Force ID: 239708. Las comprobaciones de autorización de IBM Financial Transaction Manager 3.2.4 se realizan incorrectamente para algunas solicitudes HTTP, lo que permite obtener información técnica no autorizada (por ejemplo, entradas de registro de eventos) sobre el sistema FTM SWIFT. ID de IBM X-Force: 239708. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239708 https://www.ibm.com/support/pages/node/6848881 • CWE-863: Incorrect Authorization •