PT-2024-28653 · Ibm · Ibm Engineering Lifecycle Optimization - Engineering Insights

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Engineering Insights versions 7.0.2 through 7.0.3 Description: The issue concerns the use of a web link with untrusted references to an external site, which could allow a remote attacker to expose...

IBM Engineering Lifecycle Optimization 安全漏洞

IBM Engineering Lifecycle Optimization ELO is an extension of the Engineering Lifecycle Management ELM portfolio from International Business Machines IBM. They make it easier to collect and analyze data across the development environment to make better decisions. Automate reporting to ensure that...

IBM Security Guardium Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2025-01796)

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. An information disclosure vulnerability exists in IBM Security Guardium Key Lifecycle Manager, which can ...

CVE-2024-49818

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

CVE-2024-49819

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

CVE-2024-49820

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man i...

CVE-2024-49817

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user...

CVE-2024-49816

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

CVE-2024-49816

CVE-2024-49816 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 4.1, 4.1.1, 4.2.0, and 4.2.1. The issue is a log information disclosure: potentially sensitive data is stored in log files and could be read by a local privileged user due to how logging is handled. Impact is confi...

CVE-2024-49816 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man i...

CVE-2024-49819

CVE-2024-49819 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 4.1, 4.1.1, 4.2.0, and 4.2.1. The flaw could allow a remote attacker to obtain sensitive information in cleartext over a sniffable communication channel. The IBM security bulletin lists this as a network-friendly v...

CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure

Today, CISA and the Office of the National Cyber Director ONCD published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure to assist grant-making agencies to incorporate cybersecurity into their grant programs and assist grant-recipients to build cyber...

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. An information vulnerability exists in IBM Security Guardium Key Lifecycle Manager, which can be exploite...

PT-2024-33694 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1 through 4.2.1 Description: The issue concerns the storage of user credentials in configuration files by IBM Security Guardium Key Lifecycle Manager. These credentials can be accessed by...

PT-2024-33697 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information...

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. An information disclosure vulnerability exists in IBM Security Guardium Key Lifecycle Manager, which can ...

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is a cryptographic key management tool from International Business Machines IBM. that centralizes, simplifies, and automates the key management process. A security vulnerability exists in IBM Security Guardium Key Lifecycle Manager. An attacker exploiti...

PT-2024-33695 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. IBM Security Guardium Key Lifecycle Manager suffers from an information disclosure vulnerability that ste...