Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2022-34334
- EPSS 0.03%
- Published 10.10.2022 21:15:11
- Last modified 21.11.2024 07:09:19
IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.
7.1
CVE-2022-34348
- EPSS 0.42%
- Published 23.09.2022 18:15:10
- Last modified 22.05.2025 20:15:24
IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X...
7.5
CVE-2022-35639
- EPSS 0.39%
- Published 26.07.2022 15:15:10
- Last modified 21.11.2024 07:11:25
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932.