CVE-2020-4593
- EPSS 0.03%
- Published 24.08.2020 16:15:11
- Last modified 21.11.2024 05:32:57
IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184747.
CVE-2020-4170
- EPSS 0.09%
- Published 24.08.2020 16:15:10
- Last modified 21.11.2024 05:32:20
IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174406.
CVE-2020-4165
- EPSS 0.09%
- Published 24.08.2020 16:15:10
- Last modified 21.11.2024 05:32:20
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click acti...
CVE-2020-4173
- EPSS 0.17%
- Published 09.07.2020 19:15:11
- Last modified 21.11.2024 05:32:20
IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user ...