Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Resilient_security_orchestration_automation_and_response
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 10 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-08-23 | CVE-2021-29802 | IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | Resilient_security_orchestration_automation_and_response | 7.5 | ||
| 2021-08-23 | CVE-2021-29704 | IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | Resilient_security_orchestration_automation_and_response | 7.5 | ||
| 2021-07-19 | CVE-2021-29780 | IBM Resilient OnPrem v41.1 of IBM Security SOAR could allow an authenticated user to perform actions that they should not have access to due to improper input validation. IBM X-Force ID: 203085. | Resilient_security_orchestration_automation_and_response | 4.7 | ||
| 2020-12-11 | CVE-2020-4633 | IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | Resilient_security_orchestration_automation_and_response | 8.8 | ||
| 2021-06-16 | CVE-2021-20566 | IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238. | Resilient_security_orchestration_automation_and_response | 7.5 | ||
| 2021-06-16 | CVE-2021-20567 | IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239. | Resilient_security_orchestration_automation_and_response | 4.4 | ||
| 2020-10-29 | CVE-2020-4864 | IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567. | Resilient_security_orchestration_automation_and_response | 4.3 | ||
| 2020-10-16 | CVE-2020-4636 | IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503. | Resilient_security_orchestration_automation_and_response | 7.2 | ||
| 2020-08-28 | CVE-2019-4579 | IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236. | Resilient_security_orchestration_automation_and_response | N/A | ||
| 2020-08-28 | CVE-2019-4533 | IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589. | Resilient_security_orchestration_automation_and_response | N/A |