Ibm Partner Engagement Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Partner Engagement Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-29781 — CVSS 9.8 (critical): IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe…
CVE-2022-22360 — CVSS 8.8 (high): IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP…
CVE-2022-22332 — CVSS 7.5 (high): IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker to impersonate another user due to missing revocation mechanism for…
CVE-2022-22331 — CVSS 7.1 (high): IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to obtain sensitive information or modify user…
CVE-2022-22358 — CVSS 7.1 (high): IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when…
CVE-2022-22359 — CVSS 6.5 (medium): IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an…
CVE-2022-22328 — CVSS 6.2 (medium): IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to…
CVE-2022-22416 — CVSS 5.4 (medium): IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow…
CVE-2022-22417 — CVSS 5.4 (medium): IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows…
CVE-2022-34354 — CVSS 4.0 (medium): IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user…