IBM Pureapplication System
By the Year
In 2022 there have been 0 vulnerabilities in IBM Pureapplication System . Pureapplication System did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 5 | 6.06 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Pureapplication System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Pureapplication System Security Vulnerabilities
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection
CVE-2019-4224
6.3 - Medium
- June 26, 2019
IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 159240.
SQL Injection
IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user
CVE-2019-4225
4.4 - Medium
- June 26, 2019
IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.
Insertion of Sensitive Information into Log File
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor
CVE-2019-4234
4.3 - Medium
- June 26, 2019
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require
CVE-2019-4235
7.5 - High
- June 26, 2019
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 159417.
Weak Password Requirements
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could
CVE-2019-4241
7.8 - High
- June 26, 2019
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access. IBM X-Force ID: 159467.
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18
CVE-2015-0235
- January 28, 2015
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Security Access Manager Enterprise Single Sign On or by IBM? Click the Watch button to subscribe.
