Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm powersc 1.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-50940
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 275130.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
8.8
CVSSv3
CVE-2023-50936
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
7.5
CVSSv3
CVE-2023-50962
IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS) web security policy mechanism. IBM X-Force ID: 276004.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
7.5
CVSSv3
CVE-2023-50326
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 275107.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
7.5
CVSSv3
CVE-2023-50937
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 275117.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
7.5
CVSSv3
CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 275129.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
6.5
CVSSv3
CVE-2023-50935
IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote malicious user to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
6.1
CVSSv3
CVE-2023-50933
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
5.4
CVSSv3
CVE-2023-50941
IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
5.3
CVSSv3
CVE-2023-50934
IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114.
Ibm Powersc 2.0
Ibm Powersc 2.1
Ibm Powersc 1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »