Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm partner engagement manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-40615
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 23...
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.1
9.8
CVSSv3
CVE-2021-29781
IBM Partner Engagement Manager 2.0 could allow a remote malicious user to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X...
Ibm Partner Engagement Manager 2.0
9.6
CVSSv3
CVE-2023-23482
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Sterling Partner Engagement Manager
8.8
CVSSv3
CVE-2022-22360
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated malicious user to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in granting permission to...
Ibm Partner Engagement Manager
Ibm Partner Engagement Manager On Cloud\\/saas 22.2
7.5
CVSSv3
CVE-2023-43045
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896.
Ibm Sterling Partner Engagement Manager 6.1.2
Ibm Sterling Partner Engagement Manager 6.2.0
Ibm Sterling Partner Engagement Manager 6.2.2
7.5
CVSSv3
CVE-2022-35639
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932.
Ibm Sterling Partner Engagement Manager On Cloud 22.2
Ibm Sterling Partner Engagement Manager
7.5
CVSSv3
CVE-2022-22332
IBM Sterling Partner Engagement Manager 6.2.0 could allow an malicious user to impersonate another user due to missing revocation mechanism for the JWT token. IBM X-Force ID: 219131.
Ibm Partner Engagement Manager 6.2.0
7.1
CVSSv3
CVE-2022-34348
IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 230017.
Ibm Sterling Partner Engagement Manager 6.2.1.0
Ibm Sterling Partner Engagement Manager
7.1
CVSSv3
CVE-2022-22358
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-F...
Ibm Partner Engagement Manager
Ibm Partner Engagement Manager On Cloud\\/saas 22.2
7.1
CVSSv3
CVE-2022-22331
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated malicious user to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 219130.
Ibm Partner Engagement Manager 6.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »