CVEs (12)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerab...Show more |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 171936. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 171931. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 171938. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external component...Show more |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 171831. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 171829. |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti...Show more |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this v...Show more |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by p...Show more |
1Ibm 2Guardium Data Encryption Guardium For Cloud Key ManagementNov 21, 2024 Aug 26, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by p...Show more |