Pureapplication System IBM Pureapplication System

Do you want an email whenever new security vulnerabilities are reported in IBM Pureapplication System?

By the Year

In 2022 there have been 0 vulnerabilities in IBM Pureapplication System . Pureapplication System did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 5 6.06
2018 0 0.00

It may take a day or so for new Pureapplication System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent IBM Pureapplication System Security Vulnerabilities

IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection

CVE-2019-4224 6.3 - Medium - June 26, 2019

IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 159240.

SQL Injection

IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user

CVE-2019-4225 4.4 - Medium - June 26, 2019

IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.

Insertion of Sensitive Information into Log File

IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor

CVE-2019-4234 4.3 - Medium - June 26, 2019

IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.

IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require

CVE-2019-4235 7.5 - High - June 26, 2019

IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 159417.

Weak Password Requirements

IBM PureApplication System 2.2.3.0 through 2.2.5.3 could

CVE-2019-4241 7.8 - High - June 26, 2019

IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access. IBM X-Force ID: 159467.

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18

CVE-2015-0235 - January 28, 2015

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for PHP or by IBM? Click the Watch button to subscribe.

IBM
Vendor

subscribe