Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm partner engagement manager 6.2.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-38722
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.2
7.5
CVSSv3
CVE-2023-43045
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896.
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.2
6.2
CVSSv3
CVE-2022-22328
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data. IBM X-Force ID: 218871.
Ibm Partner Engagement Manager 6.2.0
7.1
CVSSv3
CVE-2022-22331
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated malicious user to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 219130.
Ibm Partner Engagement Manager 6.2.0
7.5
CVSSv3
CVE-2022-22332
IBM Sterling Partner Engagement Manager 6.2.0 could allow an malicious user to impersonate another user due to missing revocation mechanism for the JWT token. IBM X-Force ID: 219131.
Ibm Partner Engagement Manager 6.2.0
6.5
CVSSv3
CVE-2022-34335
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705.
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.1
3.3
CVSSv3
CVE-2022-34354
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424.
Ibm Partner Engagement Manager 6.1.2
Ibm Partner Engagement Manager 6.2.0
Ibm Partner Engagement Manager 6.2.1
9.8
CVSSv3
CVE-2022-40615
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 23...
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.1
NA
CVE-2023-28517
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started