Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Pureapplication System

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-4234	1 Ibm	1 Pureapplication System	2020-08-24	4.0 MEDIUM	4.3 MEDIUM
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.
CVE-2019-4224	1 Ibm	1 Pureapplication System	2019-10-09	6.5 MEDIUM	6.3 MEDIUM
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 159240.
CVE-2019-4225	1 Ibm	1 Pureapplication System	2019-10-09	2.1 LOW	4.4 MEDIUM
IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.