Security Guardium Security Vulnerabilities and Issues — Security Guardium CVE List

Lucene search

IbmSecurity Guardium

6 matches found

CVE•added 2022/04/19 5:15 p.m.•72 views

CVE-2021-39076

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2022/04/19 5:15 p.m.•70 views

CVE-2021-39072

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 215581.

5.9CVSS5.3AI score0.00213EPSS

CVE•added 2022/04/19 5:15 p.m.•69 views

CVE-2021-39078

IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589.

4.4CVSS4.2AI score0.00037EPSS

CVE•added 2022/12/20 9:15 p.m.•64 views

CVE-2022-39166

IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.

4.9CVSS4.3AI score0.00047EPSS

CVE•added 2022/11/03 8:15 p.m.•54 views

CVE-2021-39077

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.

4.4CVSS5.2AI score0.00011EPSS

CVE•added 2022/06/29 4:15 p.m.•53 views

CVE-2021-39074

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.8AI score0.00131EPSS