CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4174
https://notcve.org/view.php?id=CVE-2020-4174
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683. IBM Security Guardium Insights versión 2.0.1, usa algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 174683 • https://exchange.xforce.ibmcloud.com/vulnerabilities/174683 https://www.ibm.com/support/pages/node/6323297 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1501
https://notcve.org/view.php?id=CVE-2018-1501
IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226. IBM Security Guardium versiones 10.5, 10.6 y 11.0, podrían permitir a un usuario no autorizado obtener información confidencial debido a una falta de controles de seguridad. IBM X-Force ID: 141226 • https://exchange.xforce.ibmcloud.com/vulnerabilities/141226 https://www.ibm.com/support/pages/node/6321357 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4598
https://notcve.org/view.php?id=CVE-2020-4598
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 184823. IBM Security Guardium Insights versión 2.0.1, podría permitir a un atacante remoto conducir ataques de phishing usando un ataque de redireccionamiento abierto. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184823 https://www.ibm.com/support/pages/node/6320061 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4593
https://notcve.org/view.php?id=CVE-2020-4593
IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184747. IBM Security Guardium Insights versión 2.0.1, almacena credenciales de usuario en texto sin cifrar que puede ser leído por un usuario local. IBM X-Force ID: 184747. • https://exchange.xforce.ibmcloud.com/vulnerabilities/184747 https://www.ibm.com/support/pages/node/6320067 • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4170
https://notcve.org/view.php?id=CVE-2020-4170
IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174406. IBM Security Guardium Insights versión 2.0.1, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario que el sitio web confía. IBM X-Force ID: 174406. • https://exchange.xforce.ibmcloud.com/vulnerabilities/174406 https://www.ibm.com/support/pages/node/6320055 • CWE-352: Cross-Site Request Forgery (CSRF) •