Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2019-4688
- EPSS 0.09%
- Published 26.08.2020 19:15:12
- Last modified 21.11.2024 04:43:59
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site th...
7.5
CVE-2019-4689
- EPSS 0.06%
- Published 26.08.2020 19:15:12
- Last modified 21.11.2024 04:44:00
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensiti...