CVE-2022-35279

MEDIUM Year: 2022
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-312
View all →

Vulnerability Description

"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system. IBM X-Force ID: 230537."

Related Vulnerabilities

CVE-2018-19279

MEDIUM
CVSS:4.3(Medium)

PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD...

CWE-3122018

CVE-2019-10447

MEDIUM
CVSS:4.3(Medium)

Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CWE-3122019

CVE-2019-10451

MEDIUM
CVSS:4.3(Medium)

Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

CWE-3122019

CVE-2019-10452

MEDIUM
CVSS:4.3(Medium)

Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the mast...

CWE-3122019

CVE-2019-4738

MEDIUM
CVSS:4.3(Medium)

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in f...

CWE-3122019

CVE-2020-15935

MEDIUM
CVSS:4.3(Medium)

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users...

CWE-3122020