CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4186
https://notcve.org/view.php?id=CVE-2020-4186
IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804. IBM Security Guardium versiones 10.5, 10.6 y 11.1, podría revelar información confidencial en la página de inicio de sesión que podría ayudar en nuevos ataques contra el sistema. IBM X-Force ID: 174804 • https://exchange.xforce.ibmcloud.com/vulnerabilities/174804 https://www.ibm.com/support/pages/node/6254367 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4185
https://notcve.org/view.php?id=CVE-2020-4185
IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803. IBM Security Guardium versiones 10.5, 10.6 y 11.1, usa algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 174803 • https://exchange.xforce.ibmcloud.com/vulnerabilities/174803 https://www.ibm.com/support/pages/node/6254369 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-4422
https://notcve.org/view.php?id=CVE-2019-4422
IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768. La versiones 9.0, 9.5 y 10.6 de IBM Security Guardium, son vulnerables a una escalada de privilegios que podría permitir a un usuario autenticado cambiar la contraseña de accessmgr. ID de IBM X-Force: 162768. • https://exchange.xforce.ibmcloud.com/vulnerabilities/162768 https://supportcontent.ibm.com/support/pages/node/957491 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-4292
https://notcve.org/view.php?id=CVE-2019-4292
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698. Security Guardium versión 10.5 de IBM, podría permitir a un atacante remoto cargar archivos arbitrarios, que podría permitir al atacante ejecutar código arbitrario en el servidor web vulnerable. ID de IBM X-Force: 160698. • http://www.securityfocus.com/bid/109005 https://exchange.xforce.ibmcloud.com/vulnerabilities/160698 https://www.ibm.com/support/docview.wss?uid=ibm10888279 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1889
https://notcve.org/view.php?id=CVE-2018-1889
IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152080. IBM Security Guardium 10.0 y 10.5 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/106231 https://exchange.xforce.ibmcloud.com/vulnerabilities/152080 https://www.ibm.com/support/docview.wss?uid=ibm10743371 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •