Ibm Sterling Partner Engagement Manager On Cloud
6 CVEs affecting Ibm Sterling Partner Engagement Manager On Cloud. Latest disclosed: 2022-07-26. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-35639 | High | 7.5 | 2022-07-26 | IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. I… |
CVE-2022-22360 | High | 7.5 | 2022-07-19 | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a sp… |
CVE-2022-22358 | High | 7.1 | 2022-07-19 | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data… |
CVE-2022-22417 | Medium | 5.4 | 2022-07-19 | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitra… |
CVE-2022-22416 | Medium | 5.4 | 2022-07-19 | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated at… |
CVE-2022-22359 | Medium | 4.3 | 2022-07-19 | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute ma… |