Skip to main content

Event Streams

3 CVEs product

Monthly

CVE-2021-29792 HIGH This Week

IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Privilege Escalation Event Streams
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2020-4662 HIGH PATCH This Week

IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Event Streams
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2018-1833 MEDIUM This Month

IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Event Streams
NVD
CVSS 3.0
5.3
EPSS
1.7%
EPSS 0% CVSS 7.2
HIGH This Week

IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Privilege Escalation Event Streams
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Event Streams
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Event Streams
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy