CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43901 – IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps information disclosure
https://notcve.org/view.php?id=CVE-2022-43901
01 Dec 2022 — IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829. IBM WebSphere Automation para IBM Cloud Pak para Watson AIOps 1.4.3 podría revelar información confidencial. Un atacante local autenticado podría aprovechar esta vulnerabilidad para posiblemente obtener inform... • https://exchange.xforce.ibmcloud.com/vulnerabilities/240829 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43900 – IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps security bypass
https://notcve.org/view.php?id=CVE-2022-43900
01 Dec 2022 — IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827. IBM WebSphere Automation para IBM Cloud Pak para Watson AIOps 1.4.2 podría proporcionar una seguridad más débil de lo esperado. Un atacante local puede crear una conexión de red saliente a otro sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240827 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22493
https://notcve.org/view.php?id=CVE-2022-22493
07 Oct 2022 — IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449. IBM WebSphere Automation for Cloud Pak for Watson AIOps versión 1.4.2, es vulnerable a un ataque de tipo cross-site request forgery, causada por la configuración inapropiada de los atributos de las cookies. IBM X-Force ID: 226449 • https://exchange.xforce.ibmcloud.com/vulnerabilities/226449 • CWE-352: Cross-Site Request Forgery (CSRF) •