IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527.
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-10-06
Updated
2023-10-10
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM X-Force ID: 264114.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-29
Updated
2023-11-08
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Force ID: 264116.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-29
Updated
2023-11-08
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-15
Updated
2023-10-19
Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263583.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-16
Updated
2023-10-19
IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581.
Max CVSS
6.5
EPSS Score
0.04%
Published
2023-10-04
Updated
2023-10-05
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 263580.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-09-28
Updated
2023-09-29
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-10-22
Updated
2023-10-27
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-08-14
Updated
2023-08-23
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 260577.
Max CVSS
8.8
EPSS Score
0.05%
Published
2024-02-02
Updated
2024-02-09
IBM Maximo Asset Management 7.6.1.3 could allow a remote attacker to log into the admin panel due to improper access controls. IBM X-Force ID: 255073.
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-02
Updated
2024-02-07
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-07-16
Updated
2023-07-26
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-07-16
Updated
2023-07-26
IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-07-19
Updated
2023-07-28
IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected service. IBM X-Force ID: 249194.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-07-10
Updated
2023-08-18
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320.
Max CVSS
8.8
EPSS Score
0.77%
Published
2023-05-04
Updated
2023-05-10
IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. IBM X-Force ID: 242953.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-03-15
Updated
2023-07-11
IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-03-15
Updated
2023-03-19
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. A local attacker can create an outbound network connection to another system. IBM X-Force ID: 240827.
Max CVSS
6.5
EPSS Score
0.04%
Published
2022-12-01
Updated
2022-12-06
IBM QRadar SIEM 7.4 and 7.5 is vulnerable to privilege escalation, allowing a user with some admin capabilities to gain additional admin capabilities. IBM X-Force ID: 239425.
Max CVSS
7.2
EPSS Score
0.08%
Published
2023-03-22
Updated
2023-03-28
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812.
Max CVSS
7.5
EPSS Score
0.04%
Published
2024-02-17
Updated
2024-02-20
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or perform tasks they should not have access to. IBM X-Force ID: 236311.
Max CVSS
8.1
EPSS Score
0.06%
Published
2022-09-21
Updated
2022-09-22
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575.
Max CVSS
6.5
EPSS Score
0.04%
Published
2022-10-06
Updated
2022-10-14
After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. IBM X-Force ID: 229695.
Max CVSS
9.8
EPSS Score
0.25%
Published
2022-11-11
Updated
2022-11-17
An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326.
Max CVSS
9.8
EPSS Score
0.23%
Published
2022-06-30
Updated
2022-07-07
160 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!