Ibm Security Risk Manager On Cp4S vulnerabilities
2 known vulnerabilities affecting ibm/security_risk_manager_on_cp4s.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-38911MEDIUMCVSS 4.9v1.7.2.02021-10-19
CVE-2021-38911 [MEDIUM] CWE-312 CVE-2021-38911: IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be r
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. IBM X-Force ID: 209940.
nvd
CVE-2021-29912MEDIUMCVSS 5.4v1.7.0.02021-10-19
CVE-2021-29912 [MEDIUM] CWE-79 CVE-2021-29912: IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability
IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.
nvd