Ibm

Security Guardium Insights

24 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2021-29846

  • EPSS 0.11%
  • Published 26.01.2022 18:15:07
  • Last modified 21.11.2024 06:01:54

IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256.

8.8

CVE-2021-29845

  • EPSS 0.19%
  • Published 26.01.2022 18:15:07
  • Last modified 21.11.2024 06:01:54

IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. IBM X-Force ID: 205255.

5.9

CVE-2021-29838

  • EPSS 0.17%
  • Published 26.01.2022 18:15:07
  • Last modified 21.11.2024 06:01:53

IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information us...

4.4

CVE-2020-4604

  • EPSS 0.02%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:58

IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 184861.

4.4

CVE-2020-4602

  • EPSS 0.04%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:58

IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184836.

5.3

CVE-2020-4600

  • EPSS 0.19%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:58

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force I...

5.3

CVE-2020-4599

  • EPSS 0.19%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:57

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force I...

4.3

CVE-2020-4597

  • EPSS 0.08%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:57

IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to....

7.5

CVE-2020-4596

  • EPSS 0.11%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:57

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812.

7.5

CVE-2020-4595

  • EPSS 0.11%
  • Published 13.01.2021 19:15:16
  • Last modified 21.11.2024 05:32:57

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819.