IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a local user to obtain sensitive information due to inappropriate data retention of attachments. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. Rated low severity (CVSS 2.5). No vendor patch available.