Curam Social Program Management Security Vulnerabilities and Issues — Curam Social Program Management CVE List

Lucene search

IbmCuram Social Program Management

5 matches found

CVE•added 2019/05/07 7:29 p.m.•45 views

CVE-2018-2001

IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 154891.

8.8CVSS8.4AI score0.00094EPSS

CVE•added 2017/08/02 7:29 p.m.•41 views

CVE-2014-8903

IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors.

8.8CVSS8.1AI score0.0085EPSS

CVE•added 2020/10/12 1:15 p.m.•33 views

CVE-2020-4772

An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. A remote attacker could exploit this vulnerability to expose sensitive information, denial of service, server side request forgery or consume memory resources. IBM X-Force ID: 18915...

8.1CVSS8.1AI score0.00541EPSS

CVE•added 2021/01/04 2:15 p.m.•33 views

CVE-2020-4942

IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191942.

8.8CVSS8.4AI score0.00109EPSS

CVE•added 2020/10/12 1:15 p.m.•30 views

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156.

8.1CVSS7.8AI score0.00126EPSS