Sterling Partner Engagement Manager@6.2.2 Security Vulnerabilities and Issues — Sterling Partner Engagement Manager@6.2.2 CVE List

Lucene search

IbmSterling Partner Engagement Manager6.2.2

5 matches found

CVE•added 2023/10/23 6:15 p.m.•57 views

CVE-2023-38722

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...

6.4CVSS5.3AI score0.00058EPSS

CVE•added 2023/10/23 6:15 p.m.•53 views

CVE-2023-43045

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896.

7.5CVSS6.3AI score0.0003EPSS

CVE•added 2025/05/07 11:15 a.m.•49 views

CVE-2025-33093

IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.

7.5CVSS7.4AI score0.00042EPSS

CVE•added 2024/07/16 11:15 p.m.•44 views

CVE-2022-35640

IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. IBM X-Force ID: 230933.

5.5CVSS4AI score0.00022EPSS

CVE•added 2024/03/13 10:15 a.m.•27 views

CVE-2023-28517

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB...

5.4CVSS5.2AI score0.0004EPSS