CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4254
https://notcve.org/view.php?id=CVE-2020-4254
IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 175560. IBM Security Guardium Big Data Intelligence versión 1.0 (SonarG), utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial.  IBM X-Force ID: 175560 • https://exchange.xforce.ibmcloud.com/vulnerabilities/175560 https://www.ibm.com/support/pages/node/6348664 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4339
https://notcve.org/view.php?id=CVE-2019-4339
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, utiliza algoritmos criptográficos más débiles de lo esperado lo que podría permitir a un atacante desencriptar información altamente confidencial. ID de IBM X-Force: 161418. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161418 https://www.ibm.com/support/pages/node/1096924 • CWE-326: Inadequate Encryption Strength •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4330
https://notcve.org/view.php?id=CVE-2019-4330
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, no establece el atributo seguro para las cookies en las sesiones HTTPS, lo que podría causar que el agente de usuario envíe esas cookies en texto plano por medio de una sesión HTTP. ID de IBM X-Force: 161210. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161210 https://www.ibm.com/support/pages/node/1096384 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4329
https://notcve.org/view.php?id=CVE-2019-4329
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 161209. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, utiliza listas negras incompletas para la comprobación de entrada lo que permite a atacantes omitir los controles de la aplicación, resultando en un impacto directo en el sistema y la integridad de los datos. ID de IBM X-Force: 161209. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161209 https://www.ibm.com/support/pages/node/1096906 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4314
https://notcve.org/view.php?id=CVE-2019-4314
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. IBM X-Force ID: 1610141. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, almacena información confidencial en texto sin cifrar dentro de un recurso que podría ser accesible en otra esfera de control. ID de IBM X-Force: 1610141. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161041 https://www.ibm.com/support/pages/node/1096912 • CWE-312: Cleartext Storage of Sensitive Information •