Lucene search
K

121 matches found

CNVD
CNVD
added 2020/08/27 12:0 a.m.3 views

IBM Security Guardium Data Encryption (GDE) Information Disclosure Vulnerability (CNVD-2020-49939)

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. An information disclosure vulnerability exists in IBM Security Guardium Data Encryption GDE 3.0.0.2, which stems...

4.3CVSS8.2AI score0.00567EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/27 12:0 a.m.6 views

IBM Security Guardium Data Encryption (GDE) Plaintext Storage Vulnerability (CNVD-2020-49941)

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. A plaintext storage vulnerability exists in IBM Security Guardium Data Encryption GDE 3.0.0.2, which can be...

6CVSS6.5AI score0.00198EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 8:15 p.m.3 views

CVE-2019-4695

IBM Security Guardium Data Encryption GDE 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926...

3.3CVSS6.1AI score0.00205EPSS
Exploits0References2
Prion
Prion
added 2020/08/26 8:15 p.m.13 views

Code injection

IBM Security Guardium Data Encryption GDE 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926...

2.1CVSS3.3AI score0.00205EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/26 7:15 p.m.19 views

CVE-2019-4695

IBM Security Guardium Data Encryption GDE 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926...

4CVSS3.2AI score0.00205EPSS
Exploits0References2
NVD
NVD
added 2020/08/26 7:15 p.m.16 views

CVE-2019-4699

IBM Security Guardium Data Encryption GDE 3.0.0.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 171931...

4CVSS3.2AI score0.00499EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.3 views

CVE-2019-4698

IBM Security Guardium Data Encryption GDE 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929...

7.5CVSS7.1AI score
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.5 views

CVE-2019-4692

IBM Security Guardium Data Encryption GDE 3.0.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 171829...

5.3CVSS6.3AI score0.00657EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.5 views

CVE-2019-4693

IBM Security Guardium Data Encryption GDE 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 171831...

4.4CVSS6.4AI score0.00198EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.6 views

CVE-2019-4699

IBM Security Guardium Data Encryption GDE 3.0.0.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 171931...

2.7CVSS6.1AI score0.00499EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.4 views

CVE-2019-4691

IBM Security Guardium Data Encryption GDE 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

5.4CVSS5.9AI score0.00351EPSS
Exploits0References2
NVD
NVD
added 2020/08/26 7:15 p.m.18 views

CVE-2019-4697

IBM Security Guardium Data Encryption GDE 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 171938...

6.5CVSS5.2AI score0.0052EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.3 views

CVE-2019-4697

IBM Security Guardium Data Encryption GDE 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 171938...

6.5CVSS6.3AI score0.0052EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.5 views

CVE-2019-4689

IBM Security Guardium Data Encryption GDE 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

7.5CVSS6.5AI score0.00557EPSS
Exploits0References2
NVD
NVD
added 2020/08/26 7:15 p.m.29 views

CVE-2019-4689

IBM Security Guardium Data Encryption GDE 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

7.5CVSS5.9AI score0.00557EPSS
Exploits0References2
OSV
OSV
added 2020/08/26 7:15 p.m.3 views

CVE-2019-4686

IBM Security Guardium Data Encryption GDE 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...

5.3CVSS5.9AI score0.0038EPSS
Exploits0References2
Prion
Prion
added 2020/08/26 7:15 p.m.17 views

Authorization

IBM Security Guardium Data Encryption GDE 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...

5CVSS4.7AI score0.0038EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/08/26 7:0 p.m.22 views

CVE-2019-4697

IBM Security Guardium Data Encryption GDE 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 171938...

5.3CVSS6AI score0.0052EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/26 7:0 p.m.20 views

CVE-2019-4693

IBM Security Guardium Data Encryption GDE 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 171831...

6CVSS4.2AI score0.00198EPSS
Exploits0References2
CVE
CVE
added 2020/08/26 7:0 p.m.49 views

CVE-2019-4688

CVE-2019-4688 affects IBM Guardium Data Encryption (GDE) 3.0.0.2, which does not set the secure attribute on authorization tokens or session cookies. This omission could allow an attacker to obtain cookie values by luring a user to click an http:// link or via a malicious site, enabling cookie sn...

4.3CVSS5AI score0.00567EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder