11 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, utiliza algoritmos criptográficos más débiles de lo esperado lo que podría permitir a un atacante desencriptar información altamente confidencial. ID de IBM X-Force: 161418. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161418 https://www.ibm.com/support/pages/node/1096924 • CWE-326: Inadequate Encryption Strength •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, no establece el atributo seguro para las cookies en las sesiones HTTPS, lo que podría causar que el agente de usuario envíe esas cookies en texto plano por medio de una sesión HTTP. ID de IBM X-Force: 161210. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161210 https://www.ibm.com/support/pages/node/1096384 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 161209. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, utiliza listas negras incompletas para la comprobación de entrada lo que permite a atacantes omitir los controles de la aplicación, resultando en un impacto directo en el sistema y la integridad de los datos. ID de IBM X-Force: 161209. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161209 https://www.ibm.com/support/pages/node/1096906 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be accessible to another control sphere. IBM X-Force ID: 1610141. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, almacena información confidencial en texto sin cifrar dentro de un recurso que podría ser accesible en otra esfera de control. ID de IBM X-Force: 1610141. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161041 https://www.ibm.com/support/pages/node/1096912 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 161037. IBM Security Guardium Big Data Intelligence (SonarG) versión 4.0, divulga información confidencial a usuarios no autorizados. La información puede ser usada para montar futuros ataques en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/161037 https://www.ibm.com/support/pages/node/1098069 • CWE-863: Incorrect Authorization •