Sterling Partner Engagement Manager@6.2.0 Security Vulnerabilities and Issues — Sterling Partner Engagement Manager@6.2.0 CVE List

Lucene search

IbmSterling Partner Engagement Manager6.2.0

4 matches found

CVE•added 2023/10/23 6:15 p.m.•57 views

CVE-2023-38722

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...

6.4CVSS5.3AI score0.00058EPSS

CVE•added 2023/10/23 6:15 p.m.•53 views

CVE-2023-43045

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896.

7.5CVSS6.3AI score0.0003EPSS

CVE•added 2023/01/11 5:15 p.m.•48 views

CVE-2022-40615

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208.

9.8CVSS7.9AI score0.00082EPSS

CVE•added 2023/01/11 5:15 p.m.•40 views

CVE-2022-34335

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705.

6.5CVSS6.3AI score0.00075EPSS