IBM Storediq
By the Year
In 2024 there have been 0 vulnerabilities in IBM Storediq . Storediq did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 1 | 5.50 |
2019 | 4 | 6.10 |
2018 | 3 | 6.57 |
It may take a day or so for new Storediq vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Storediq Security Vulnerabilities
IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links
CVE-2020-4224
5.5 - Medium
- February 03, 2020
IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133.
Information Disclosure
IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2019-4167
6.5 - Medium
- August 20, 2019
IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.
Session Riding
IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authent
CVE-2019-4163
4.3 - Medium
- July 31, 2019
IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696.
IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote a
CVE-2019-4165
7.5 - High
- July 31, 2019
IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698.
IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack
CVE-2019-4166
6.1 - Medium
- April 30, 2019
IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699.
Open Redirect
IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2018-1927
8.8 - High
- November 30, 2018
IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118.
Session Riding
IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to
CVE-2018-1928
5.5 - Medium
- November 30, 2018
IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.
IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions
CVE-2018-1583
5.4 - Medium
- May 22, 2018
IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Storediq or by IBM? Click the Watch button to subscribe.