IBM Sterling Order Management
By the Year
In 2024 there have been 0 vulnerabilities in IBM Sterling Order Management . Last year Sterling Order Management had 2 security vulnerabilities published. Right now, Sterling Order Management is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 2 | 7.80 |
2022 | 0 | 0.00 |
2021 | 1 | 6.10 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Sterling Order Management vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Sterling Order Management Security Vulnerabilities
IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users
CVE-2022-33959
8.1 - High
- April 07, 2023
IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users. IBM X-Force ID: 229320.
IBM Sterling Order Management 10.0 does not require
CVE-2022-34333
7.5 - High
- April 07, 2023
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698.
Weak Password Requirements
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting
CVE-2021-20554
6.1 - Medium
- September 30, 2021
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Sterling Order Management or by IBM? Click the Watch button to subscribe.