Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Common_licensing
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-26 | CVE-2023-50945 | IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. | Common_licensing | 5.5 | ||
| 2025-01-26 | CVE-2023-50946 | IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. | Common_licensing | 6.5 | ||
| 2024-02-20 | CVE-2023-50306 | IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337. | Common_licensing | 3.3 | ||
| 2024-08-13 | CVE-2024-41774 | IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348. | Common_licensing | 4.8 | ||
| 2024-08-13 | CVE-2024-40697 | IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. | Common_licensing | 7.5 |