3 matches found
CVE-2019-4702
CVE-2019-4702 affects IBM Guardium Data Encryption (GDE) 3.0.0.2, where permissions on a security-critical resource allow read/modify by unintended actors. The issue is described as improper privilege control in GDE 3.0.0.2. Connected sources also indicate remediation: the vulnerability is fixed ...
CVE-2019-4160
CVE-2019-4160 affects IBM Guardium Data Encryption (GDE) version 3.0.0.2, which uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The issue is specific to GDE 3.0.0.2; IBM’s bulletin notes that fixes are available in GDE 4.0.0...
CVE-2019-4687
CVE-2019-4687 affects IBM Security Guardium Data Encryption (GDE) 3.0.0.2, where sensitive data is stored in URL parameters. The root cause is the disclosure risk from information in URLs that can be exposed via server logs, referrer headers, or browser history. The vulnerability is documented ac...