Sterling Partner Engagement Manager Security Vulnerabilities and Issues — Sterling Partner Engagement Manager CVE List

Lucene search

IbmSterling Partner Engagement Manager

5 matches found

CVE•added 2022/07/19 5:15 p.m.•58 views

CVE-2022-22359

IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652.

6.5CVSS6.4AI score0.0008EPSS

CVE•added 2023/10/23 6:15 p.m.•57 views

CVE-2023-38722

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...

6.4CVSS5.3AI score0.00058EPSS

CVE•added 2022/10/10 9:15 p.m.•55 views

CVE-2022-34334

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 229704.

6.5CVSS6.1AI score0.00029EPSS

CVE•added 2023/01/11 5:15 p.m.•40 views

CVE-2022-34335

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705.

6.5CVSS6.3AI score0.00075EPSS

CVE•added 2023/06/08 2:15 a.m.•39 views

CVE-2023-23481

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

6.4CVSS5.3AI score0.00135EPSS