Security Guardium@11.1 Security Vulnerabilities and Issues — Security Guardium@11.1 CVE List

Lucene search

IbmSecurity Guardium11.1

12 matches found

CVE•added 2020/06/04 2:15 p.m.•38 views

CVE-2020-4183

IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174739.

6.1CVSS5.8AI score0.00188EPSS

CVE•added 2020/06/03 3:15 p.m.•37 views

CVE-2020-4180

IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 174735.

9CVSS8.5AI score0.12303EPSS

CVE•added 2020/06/03 3:15 p.m.•36 views

CVE-2020-4177

IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732.

9.8CVSS9AI score0.0008EPSS

CVE•added 2020/06/03 3:15 p.m.•34 views

CVE-2020-4182

6.1CVSS5.8AI score0.00247EPSS

CVE•added 2020/06/03 3:15 p.m.•34 views

CVE-2020-4187

IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805.

5.3CVSS4.9AI score0.00163EPSS

CVE•added 2020/07/30 1:15 p.m.•31 views

CVE-2020-4185

IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2020/07/30 1:15 p.m.•31 views

CVE-2020-4186

IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804.

5.3CVSS4.9AI score0.00163EPSS

CVE•added 2020/06/03 3:15 p.m.•31 views

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851.

6.7CVSS6.5AI score0.00018EPSS

CVE•added 2020/06/04 2:15 p.m.•30 views

CVE-2020-4193

IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 174857.

9.8CVSS8.8AI score0.00414EPSS

CVE•added 2020/06/03 3:15 p.m.•30 views

CVE-2020-4307

IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997.

6.5CVSS6.5AI score0.00161EPSS

CVE•added 2020/06/04 2:15 p.m.•28 views

CVE-2020-4191

IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174852.

4.4CVSS4.5AI score0.00024EPSS

CVE•added 2020/06/23 6:15 p.m.•27 views

CVE-2020-4188

IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807.

5.3CVSS5.1AI score0.00163EPSS