CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4597
https://notcve.org/view.php?id=CVE-2020-4597
IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 184822. IBM Security Guardium Insights versión 2.0.2, no establece el atributo seguro en tokens de autorización o cookies de sesión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184822 https://www.ibm.com/support/pages/node/6403463 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4596
https://notcve.org/view.php?id=CVE-2020-4596
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812. IBM Security Guardium Insights versión 2.0.2, utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 184812. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184821 https://www.ibm.com/support/pages/node/6403463 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4595
https://notcve.org/view.php?id=CVE-2020-4595
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819. IBM Security Guardium Insights versión 2.0.2, utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 184819. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184819 https://www.ibm.com/support/pages/node/6403463 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4594
https://notcve.org/view.php?id=CVE-2020-4594
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184800. IBM Security Guardium Insights versión 2.0.2, utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 184800. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184800 https://www.ibm.com/support/pages/node/6403463 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4702
https://notcve.org/view.php?id=CVE-2019-4702
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM Security Guardium Data Encryption (GDE) versión 3.0.0.2, especifica los permisos para un recurso crítico de seguridad de una manera que permite que ese recurso sea leído o modificado por actores no deseados. • https://exchange.xforce.ibmcloud.com/vulnerabilities/171937 https://www.ibm.com/support/pages/node/6403331 • CWE-732: Incorrect Permission Assignment for Critical Resource •