IBM Transformation Extender Advanced
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Transformation Extender Advanced.
By the Year
In 2026 there have been 0 vulnerabilities in IBM Transformation Extender Advanced. Last year, in 2025 Transformation Extender Advanced had 5 security vulnerabilities published. Right now, Transformation Extender Advanced is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 5 | 5.80 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 4.30 |
It may take a day or so for new Transformation Extender Advanced vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Transformation Extender Advanced Security Vulnerabilities
IBM SPE 10.0.1.10 Java Deserialization RCE
CVE-2023-49886
9.8 - Critical
- October 06, 2025
IBM Standards Processing Engine 10.0.1.10 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe java deserialization. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Marshaling, Unmarshaling
IBM Transformation Extender Adv 10.0.1 Weak Password Policy Vulnerability
CVE-2023-49883
5.9 - Medium
- October 01, 2025
IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
Weak Password Requirements
IBM TEA 10.0.1 Privilege Escalation via Improper Access Control
CVE-2023-50300
5.1 - Medium
- October 01, 2025
IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper access controls.
Authorization
IBM TE Advanced 10.0.1 Session Not Invalidate After Logout User Impersonation
CVE-2023-49881
6.3 - Medium
- October 01, 2025
IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Insufficient Session Expiration
IBM Transformation Extender Advanced 10.0.1 Log Files: Local User Info Exposure
CVE-2023-50301
1.9 - Low
- October 01, 2025
IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files that could be read by a local user.
Insertion of Sensitive Information into Log File
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies
CVE-2021-29883
4.3 - Medium
- October 21, 2021
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 207090.
Missing Encryption of Sensitive Data
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Transformation Extender Advanced or by IBM? Click the Watch button to subscribe.
