CVE-2020-4216

CVE-2020-4216 affects IBM Spectrum Protect Plus versions 10.1.0–10.1.5 due to hard-coded credentials used for inbound authentication, outbound communication, or internal data encryption. This leads to an authentication bypass vulnerability. The IBM advisory lists a first-fix in 10.1.6 for Spectru...

IBM Spectrum Protect Plus Hardcoded Username And Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the Discovery Server service. The product...

IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2020-33088)

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A security vulnerability exists in IBM...

SAP Commerce Trust Management Issue Vulnerability

SAP Commerce is a set of cloud-based e-commerce platform from Germany's SAP. This product supports sales management, marketing management, order management and operations management. A trust management issue vulnerability exists in SAP Commerce that stems from the program's use of hard-coded...

Foxit Reader and PhantomPDF DocuSign Plugin Trust Management Issues Vulnerability

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A trust management issue exists in the DocuSign plug-in in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2. An attacker can exploit this vulnerability to obtain hard-coded...

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000 IOS Software Trust Management Issue Vulnerabilities

Cisco 1000 Series Connected Grid Routers CGR1000 is a 1000 Series Internet Grid Router from Cisco. A trust management issue exists in the virtual console authentication of the IOS Software in Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000. The vulnerability stems from the...

Fortinet FortiClient Trust Management Issue Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

IBM Security Guardium Trust Management Issues Vulnerability

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from a trust management issue...

IBM Security Guardium Trust Management Issues Vulnerability (CNVD-2020-32647)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from a trust management issue...

CVE-2020-4177

IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732...

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851...

CVE-2020-4177

IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732...

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851...

Hardcoded credentials

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851...

CVE-2020-4190

CVE-2020-4190 affects IBM Security Guardium 10.5/10.6/11.0/11.1 and involves hard-coded credentials (passwords or cryptographic keys) used for internal data encryption, inbound authentication, or outbound communication with external components. The underlying issue is the presence of embedded cre...

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851...

CVE-2020-4177

IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732...

CVE-2020-4177

Summary of CVE-2020-4177 (IBM Security Guardium) : The vulnerability stems from hard-coded credentials used for internal data encryption and for inbound/outbound communications. This affects IBM Security Guardium versions including 10.5, 10.6, 11.0, and 11.1. The associated IBM bulletin notes rem...