VYPR

Guardium Cloud Key Manager

by IBM

CVEs (3)

  • CVE-2023-26270MedAug 28, 2023
    risk 0.42cvss 6.5epss 0.01

    IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this…

  • CVE-2023-26272MedAug 28, 2023
    risk 0.34cvss 5.3epss 0.00

    IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the…

  • CVE-2023-26271MedAug 28, 2023
    risk 0.34cvss 5.3epss 0.00

    IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 248126.