本ページは ibm common_licensing に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-50946 | IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. | [email protected] | 6.5 | 0.25% | 2025-01-26 | 2026-06-17 |
| CVE-2023-50945 | IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. | [email protected] | 6.2 | 0.05% | 2025-01-26 | 2026-06-17 |
| CVE-2024-41774 | IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 350348. | [email protected] | 4.8 | 0.25% | 2024-08-13 | 2026-06-17 |
| CVE-2024-40697 | IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. | [email protected] | 7.5 | 0.49% | 2024-08-13 | 2026-06-17 |
| CVE-2023-50306 | IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337. | [email protected] | 4.0 | 0.19% | 2024-02-20 | 2026-06-17 |