Storediq

storediq

Vendor: Ibm • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-4224 1Ibm 1Storediq Jun 17, 2026 Feb 3, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133.
CVE-2019-4167 1Ibm 1Storediq Jun 17, 2026 Aug 20, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.
CVE-2019-4165 1Ibm 1Storediq Jun 17, 2026 Jul 31, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698.
CVE-2019-4163 1Ibm 1Storediq Jun 17, 2026 Jul 31, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696.
CVE-2019-4166 1Ibm 1Storediq Jun 17, 2026 Apr 30, 2019 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability...Show more IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 158699.Show less
CVE-2018-1928 1Ibm 1Storediq Nov 21, 2024 Nov 30, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state cha...Show more IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.Show less
CVE-2018-1927 1Ibm 1Storediq Nov 21, 2024 Nov 30, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118.
CVE-2018-1583 1Ibm 1Storediq Nov 21, 2024 May 22, 2018 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate...Show more IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources. IBM X-Force ID: 143331.Show less