VYPR

Security Guardium

by IBM

CVEs (137)

  • CVE-2021-20389May 24, 2021
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 195770.

  • CVE-2021-20386May 24, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2021-20385May 24, 2021
    risk 0.00cvss epss 0.02

    IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 195766.

  • CVE-2020-4990May 24, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710.

  • CVE-2020-4184Mar 15, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 174802..

  • CVE-2020-4952Jan 27, 2021
    risk 0.00cvss epss 0.02

    IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028.

  • CVE-2020-4189Jan 27, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be used in further attacks against the system. IBM X-Force ID: 174850.

  • CVE-2020-4921Jan 20, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398.

  • CVE-2020-4688Jan 20, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. IBM X-Force ID: 186700.

  • CVE-2020-4604Jan 13, 2021
    risk 0.00cvss epss 0.00

    IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 184861.

  • CVE-2020-4602Jan 13, 2021
    risk 0.00cvss epss 0.00

    IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184836.

  • CVE-2020-4600Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184832.

  • CVE-2020-4599Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184824.

  • CVE-2020-4597Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to…

  • CVE-2020-4596Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812.

  • CVE-2020-4595Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819.

  • CVE-2020-4594Jan 13, 2021
    risk 0.00cvss epss 0.01

    IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184800.

  • CVE-2020-4689Oct 12, 2020
    risk 0.00cvss epss 0.02

    IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.

  • CVE-2020-4681Oct 12, 2020
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2020-4680Oct 12, 2020
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

Page 5 of 7