CVE-2023-38370 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38370
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could allow a user on the network to install malicious packages. IBM X-Force ID: 261197. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261197 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions •
CVE-2023-38368 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38368
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261195 https://www.ibm.com/support/pages/node/7158790 • CWE-276: Incorrect Default Permissions CWE-863: Incorrect Authorization •
CVE-2023-30997 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30997
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254638 https://www.ibm.com/support/pages/node/7158790 • CWE-250: Execution with Unnecessary Privileges •
CVE-2023-30998 – IBM Security Access Manager Docker privilege escalation
https://notcve.org/view.php?id=CVE-2023-30998
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254649 https://www.ibm.com/support/pages/node/7158790 • CWE-250: Execution with Unnecessary Privileges •
CVE-2023-38371 – IBM Security Access Manager Docker information disclosure
https://notcve.org/view.php?id=CVE-2023-38371
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261198 https://www.ibm.com/support/pages/node/7158790 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •