Ibm Sterlingpartner Engagement Manager vulnerabilities

2 known vulnerabilities affecting ibm/sterlingpartner_engagement_manager.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2022-22331HIGHCVSS 7.1v6.2.02022-04-01

CVE-2022-22331 [HIGH] CWE-639 CVE-2022-22331: IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to obtain s IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 219130.

CVE-2022-22328MEDIUMCVSS 6.2v6.2.02022-04-01

CVE-2022-22328 [MEDIUM] CVE-2022-22328: IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privilege IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data. IBM X-Force ID: 218871.