Ibm Transformation Extender Advanced — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Transformation Extender Advanced, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-49886 — CVSS 9.8 (critical): IBM Standards Processing Engine 10.0.1.10 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe java…
CVE-2017-1758 — CVSS 7.1 (high): IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager…
CVE-2023-49881 — CVSS 6.3 (medium): IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate…
CVE-2023-49883 — CVSS 5.9 (medium): IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for…
CVE-2023-50300 — CVSS 5.1 (medium): IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper access controls.
CVE-2021-29883 — CVSS 4.3 (medium): IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization…
CVE-2023-50301 — CVSS 1.9 (low): IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files that could be read by a local user.