Ibm Resilient_security_orchestration_automation_and_response
10 CVEs affecting Ibm Resilient_security_orchestration_automation_and_response. Latest disclosed: 2021-08-23. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-4633 | High | 8.8 | 2020-12-11 | IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. |
CVE-2021-29802 | High | 7.5 | 2021-08-23 | IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the cons… |
CVE-2021-29704 | High | 7.5 | 2021-08-23 | IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. |
CVE-2021-20566 | High | 7.5 | 2021-06-16 | IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force I… |
CVE-2020-4636 | High | 7.2 | 2020-10-16 | IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503. |
CVE-2021-29780 | Medium | 4.7 | 2021-07-19 | IBM Resilient OnPrem v41.1 of IBM Security SOAR could allow an authenticated user to perform actions that they should not have access to due to improper input… |
CVE-2021-20567 | Medium | 4.4 | 2021-06-16 | IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 1992… |
CVE-2020-4864 | Medium | 4.3 | 2020-10-29 | IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567. |
CVE-2019-4579 | Medium | 4.3 | 2020-08-28 | IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the… |
CVE-2019-4533 | Medium | 4.3 | 2020-08-28 | IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589. |