NotCVE - vendor:"Ibm" product:"Guardium Data Encryption" version:"5.0.0.2"

3 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-39024

https://notcve.org/view.php?id=CVE-2021-39024

10 May 2022 — IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. IBM Guardium Data Encryption (GDE) versiones 4.0.0.0 y 5.0.0.0, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-39026

https://notcve.org/view.php?id=CVE-2021-39026

18 Feb 2022 — IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 213964. IBM Guardium Data Encryption (GDE) versiones 5.0.0.2 y 5.0.0.3, podría permitir a un atacante remoto obtener información confidencial, causada por la falta de habilitación apropiada de... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213864 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-39021

https://notcve.org/view.php?id=CVE-2021-39021

02 Feb 2022 — IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856. IBM Guardium Data Encryption (GDE) 5.0.0.2 se comporta de forma diferente o envía respuestas diferentes en distintas circunstancias de forma observable para un actor no autorizado, lo que podría facilitar la enumeración de nombres de usuario. ID de IBM X-Force: 21385... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213856 • CWE-203: Observable Discrepancy •