Page 2 of 20 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1949

https://notcve.org/view.php?id=CVE-2018-1949

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153429. IBM Security Identity Governance and Intelligence, desde la versión 5.2 hasta la 5.2.4.1 Virtual Appliance, divulga información sensible a usuarios no autorizados. Esta información puede emplearse para ejecutar más ataques en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/153429 https://www.ibm.com/support/docview.wss?uid=ibm10872142 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1950

https://notcve.org/view.php?id=CVE-2018-1950

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system. IBM X-Force ID: 153430. IBM Security Identity Governance and Intelligence, desde la versión 5.2 hasta la 5.2.4.1 Virtual Appliance, genera un mensaje de error que incluye información sensible sobre su entorno, usuarios o datos asociados, todo lo cual se podría usar en futuros ataques contra el sistema, IBM X-Force ID: 153430. • https://exchange.xforce.ibmcloud.com/vulnerabilities/153430 https://www.ibm.com/support/docview.wss?uid=ibm10872142 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-1757

https://notcve.org/view.php?id=CVE-2018-1757

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601. IBM Security Identity Governance and Intelligence 5.2.3.2 y 5.2.4 podría permitir que un atacante obtenga información sensible debido a la falta de autenticación en IGI para la aplicación de encuestas. IBM X-Force ID: 148601. • http://www.ibm.com/support/docview.wss?uid=ibm10728883 https://exchange.xforce.ibmcloud.com/vulnerabilities/148601 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 66%CPEs: 2EXPL: 1

CVE-2018-1756 – IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection

https://notcve.org/view.php?id=CVE-2018-1756

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599. IBM Security Identity Governance and Intelligence 5.2.3.2 y 5.2.4 es vulnerable a una inyección SQL. Un atacante remoto podría enviar instrucciones SQL especialmente manipuladas que podrían permitir que el atacante viese información en la base de datos del backend. • https://www.exploit-db.com/exploits/45392 http://www.ibm.com/support/docview.wss?uid=ibm10728883 https://exchange.xforce.ibmcloud.com/vulnerabilities/148599 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0

CVE-2017-1755

https://notcve.org/view.php?id=CVE-2017-1755

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID: 135855. IBM Security Identity Governance Virtual Appliance desde la versión 5.2 hasta la 5.2.3.2 podría permitir que un atacante local inyecte comandos en archivos maliciosos que podrían ser ejecutados por el administrador. IBM X-Force ID: 135855. • http://www.ibm.com/support/docview.wss?uid=swg22016869 https://exchange.xforce.ibmcloud.com/vulnerabilities/135855 •