CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22335 – IBM QRadar Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-22335
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279975. IBM QRadar Suite 1.10.12.0 a 1.10.17.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 279975. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279975 https://www.ibm.com/support/pages/node/7118642 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46186 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2023-46186
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929. IBM Jazz for Service Management 1.1.3.20 podría permitir que un usuario no autorizado obtenga información confidencial de archivos mediante navegación forzada debido a controles de acceso inadecuados. ID de IBM X-Force: 269929. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269929 https://www.ibm.com/support/pages/node/7116830 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22506 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-22506
IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. IBM X-Force ID: 227293. IBM Robotic Process Automation 21.0.2 contiene una vulnerabilidad que podría permitir que los ID de usuario queden expuestos entre inquilinos. ID de IBM X-Force: 227293. • https://exchange.xforce.ibmcloud.com/vulnerabilities/227293 https://www.ibm.com/support/pages/node/6591237 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34309 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2022-34309
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440. IBM CICS TX Standard y Advanced 11.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 229440. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229440 https://www.ibm.com/support/pages/node/6832814 https://www.ibm.com/support/pages/node/6832918 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34311 – IBM CICS TX session fixation
https://notcve.org/view.php?id=CVE-2022-34311
IBM CICS TX Standard and Advanced 11.1 could allow a user with physical access to the web browser to gain access to the user's session due to insufficiently protected credentials. IBM X-Force ID: 229446. IBM CICS TX Standard y Advanced 11.1 podrían permitir que un usuario con acceso físico al navegador web obtenga acceso a la sesión del usuario debido a que las credenciales no están suficientemente protegidas. ID de IBM X-Force: 229446. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229446 https://www.ibm.com/support/pages/node/6832928 https://www.ibm.com/support/pages/node/6832930 • CWE-522: Insufficiently Protected Credentials •