Skip to main content

Common Licensing

4 CVEs product

Monthly

CVE-2023-50946 MEDIUM This Month

IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Common Licensing
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-50945 MEDIUM This Month

IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Common Licensing
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2024-41774 MEDIUM This Month

IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Common Licensing
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-40697 HIGH This Week

IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Brute Force Information Disclosure Common Licensing
NVD
CVSS 3.1
7.5
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Common Licensing
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Common Licensing
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Common Licensing
NVD
EPSS 0% CVSS 7.5
HIGH This Week

IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Brute Force Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy