IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NIBM Sterling Partner Engagement Manager
APPIbm6.1.06.1.26.2.06.2.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Container
References
Related vulnerabilities
CVE-2022-34348HIGH7.1ten sam produkt
IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack whe...
CVE-2022-35639HIGH7.5ten sam produkt
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which...
CVE-2025-13723MEDIUM5.3ten sam produkt
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an att...
CVE-2025-13702MEDIUM6.1ten sam produkt
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to c...
CVE-2025-13726MEDIUM5.3ten sam produkt
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remo...