CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-49201
https://notcve.org/view.php?id=CVE-2024-49201
Keyfactor Remote File Orchestrator (aka remote-file-orchestrator) 2.8 before 2.8.1 allows Information Disclosure: sensitive information could be exposed at the debug logging level. • https://github.com/Keyfactor/remote-file-orchestrator/releases/tag/2.8.1 https://keyfactor.com •
CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-49816 – IBM Security Guardium Key Lifecycle Manager information disclosure
https://notcve.org/view.php?id=CVE-2024-49816
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user. • https://www.ibm.com/support/pages/node/7175067 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 3.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-49820 – IBM Security Guardium Key Lifecycle Manager information disclosure
https://notcve.org/view.php?id=CVE-2024-49820
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. • https://www.ibm.com/support/pages/node/7175067 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-49819 – IBM Security Guardium Key Lifecycle Manager information disclosure
https://notcve.org/view.php?id=CVE-2024-49819
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors. • https://www.ibm.com/support/pages/node/7175067 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-49818 – IBM Security Guardium Key Lifecycle Manager information disclosure
https://notcve.org/view.php?id=CVE-2024-49818
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7175067 • CWE-209: Generation of Error Message Containing Sensitive Information •