CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-1255
https://notcve.org/view.php?id=CVE-2017-1255
02 May 2018 — IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 124675. IBM Security Guardium 10.0, 10.0.1 y 10.1 hasta la 10.1.4 utiliza algoritmos criptográficos más débiles que lo esperado que podrían permitir que un atacante descifre información altamente sensible. IBM X-Force ID: 124675. • http://www.ibm.com/support/docview.wss?uid=swg22014537 • CWE-326: Inadequate Encryption Strength •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0235
https://notcve.org/view.php?id=CVE-2016-0235
12 Mar 2018 — IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. IBM X-Force ID: 110326. IBM Security Guardium Database Activity Monitor 10 permite a los usuarios locales tener un impacto no especificado aprovechando el acceso de administrador a una contraseña embebida. Esto está relacionado con su uso en sistemas GRUB. IBM X-Force ID: 110326. • http://www-01.ibm.com/support/docview.wss?uid=swg21981748 • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0237
https://notcve.org/view.php?id=CVE-2016-0237
12 Mar 2018 — IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. IBM X-Force ID: 110328. IBM Security Guardium Database Activity Monitor 10 permite a los usuarios locales obtener información sensible mediante la lectura de datos en caché del navegador. IBM X-Force ID: 110328. • http://www-01.ibm.com/support/docview.wss?uid=swg21981631 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1373
https://notcve.org/view.php?id=CVE-2018-1373
02 Mar 2018 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 137773. IBM Security Guardium Big Data Intelligence (SonarG) 3.1 emplea una configuración de bloqueo de cuenta inadecuada que podría permitir que un atacante remoto descifre credenciales de cuenta por fuerza bruta. IBM X-Force ID: 137773. • http://www.ibm.com/support/docview.wss?uid=swg22013750 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1425
https://notcve.org/view.php?id=CVE-2018-1425
27 Feb 2018 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139003. IBM Security Guardium Big Data Intelligence (SonarG) 3.1 emplea algoritmos criptográficos más débiles de lo esperado que podrían permitir que un atacante descifre información altamente sensible. IBM X-Force ID: 139003. • http://www.ibm.com/support/docview.wss?uid=swg22013751 • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1372
https://notcve.org/view.php?id=CVE-2018-1372
27 Feb 2018 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 137772. IBM Security Guardium Big Data Intelligence (SonarG) 3.1 no requiere que los usuarios tengan contraseñas fuertes por defecto, lo que facilita que los atacantes comprometan las cuentas de usuario. IBM X-Force ID: 137772. • http://www.ibm.com/support/docview.wss?uid=swg22013832 • CWE-521: Weak Password Requirements •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1377
https://notcve.org/view.php?id=CVE-2018-1377
26 Feb 2018 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 137778. IBM Security Guardium Big Data Intelligence (SonarG) 3.1 almacena las credenciales de usuario en formato de texto plano, por lo que podrían ser leídos por un usuario local. IBM X-Force ID: 137778. • http://www.ibm.com/support/docview.wss?uid=swg22013596 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1774
https://notcve.org/view.php?id=CVE-2017-1774
26 Feb 2018 — IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 136818. IBM Security Guardium Big Data Intelligence (SonarG) 3.1 divulga información sensible a usuarios sin autorización. Esta información puede emplearse para ejecutar más ataques en el sistema. • http://www.ibm.com/support/docview.wss?uid=swg22013595 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1368
https://notcve.org/view.php?id=CVE-2018-1368
09 Feb 2018 — IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Force ID: 137765. IBM Security Guardium Database Activity Monitor 9.0, 9.1 y 9.5 podría permitir que un usuario local con pocos privilegios vea páginas de reporte y realice algunas acciones que solo deberían estar p... • http://www.ibm.com/support/docview.wss?uid=swg22013302 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-1595
https://notcve.org/view.php?id=CVE-2017-1595
20 Dec 2017 — IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549. IBM Security Guardium 10.0 Database Activity Monitor podría permitir que un atacante local obtenga información altamente sensible mediante vectores sin especificar. IBM X-Force ID: 132549. • http://www.ibm.com/support/docview.wss?uid=swg22009629 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •