5 matches found
CVE-2023-50945
IBM Security Bulletin (4CD2A2FD82F36F35C228C749EF006B94401908FFBE17D0B20533D071D61360D0) notes that IBM Common Licensing affects Agent 9.0 and ART 9.0, where user passwords could be exposed in the browser console due to stored credentials. The information-disclosure stems from password exposure v...
CVE-2023-50946
CVE-2023-50946 affects IBM Common Licensing 9.0. An authenticated user could modify a configuration file they should not access because of a broken authorization mechanism. Multiple sources (IBM security bulletin entries and vendor advisories) description confirm the issue and its impact as an in...
CVE-2023-50306
CVE-2023-50306: IBM Common Licensing username enumeration (local) Affected product: IBM Engineering Requirements Management DOORS family (DOORS/DOORS Web Access) on versions 9.7.2.7 and related DOORS Web Access/DWA, with root cause described as an observable response discrepancy that lets a local...
CVE-2024-40697
IBM Common Licensing 9.0 is vulnerable to weak password policy; affected components include IBM Common Licensing Agent 9.0 and ART 9.0. Root cause: password requirements are not enforced by default. Impact: potential compromise of user accounts. Remediation: update to IBM Common Licensing 9.0.0.1...
CVE-2024-41774
IBM Common Licensing 9.0 is affected by CVE-2024-41774: stored cross-site scripting in the Web UI (LKS Administration Reporting Tool/Agent) that could allow a privileged user to inject JavaScript and potentially disclose credentials. Remediation: apply IBM_Common_Licensing_ICL_9.0.0.1 / update to...