414 matches found
CVE-2021-44233
CVE-2021-44233 affects SAP GRC Access Control versions V1100_700, V1100_731, V1200_750, where an authenticated user may be able to escalate privileges due to insufficient authorization checks. The issue is described as an authorization check gap leading to privilege elevation. No exploitation det...
CVE-2021-44233
SAP GRC Access Control - versions V1100700, V1100731, V1200750, does not perform necessary authorization checks for an authenticated user, which could lead to escalation of privileges...
VulnCheck KEV: CVE-2014-0640
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors...
Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC
Summary Security Bulletin: Security vulnerabilities in Go affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2021-3114 DESCRIPTION: An unspecified error with the P224 Curve implementation can generate incorrect outputs in Golang Go has an unknown impact an...
Unspecified Vulnerability in IBM OpenPages GRC Platform
IBM OpenPages GRC Platform is a suite of platforms for managing enterprise risk and compliance from IBM in the United States. The platform provides a set of core services and functional components that cover the risk and compliance domain including operational risk, policy and compliance, financi...
OpenPages GRC Platform Cross-Site Scripting Vulnerability (CNVD-2021-34717)
OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...
CVE-2020-4535
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...
CVE-2020-4536
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...
CVE-2020-4535
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...
CVE-2020-4536
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...
Cross site scripting
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...
Information disclosure
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...
CVE-2020-4535
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182906...
CVE-2020-4536
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907...
CVE-2020-4535
OpenPages GRC Platform 8.1 is affected by a cross-site scripting (XSS) vulnerability in the Web UI that allows embedding arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. Root cause: improper input/output handling in the Web UI. Affected product/version:...
CVE-2020-4536
CVE-2020-4536 affects IBM OpenPages with Watson (GRC Platform) version 8.1, where a remote attacker could obtain sensitive information via a detailed error message returned in the browser. Vulnerable component is within IBM OpenPages GRC Platform 8.1; impact is information disclosure with CVSS ~4...
IBM OpenPages with Watson 跨站脚本漏洞
OpenPages with Watson is an AI-powered financial risk analytics solution. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring, analyzing, and managing risk data through a number ...
Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC.
Summary Security Bulletin: Security vulnerabilities in Python3 affect IBM Cloud Pak for Multicloud Management Hybrid GRC. Vulnerability Details CVEID: CVE-2020-8492 DESCRIPTION: Python is vulnerable to a denial of service, caused by a flaw in the urllib.request.AbstractBasicAuthHandler. By sendin...
A Modern Approach to Risk Management and Compliance
For far too long, organizations had to rely on traditional Governance, Risk and Compliance GRC tools -- with their modular and siloed approach -- to address their risk management and reporting compliance posture. With an increasing number of organizations looking at the Integrated Risk Management...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM OpenPages with Watson (CVE-2020-4575)
Summary IBM WebSphere Application Server is shipped as a component of IBM OpenPages with Watson. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...