NotCVE - vendor:"Ibm" product:"Security Guardium Key Lifecycle Manager"

Page 3 of 27 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

CVE-2021-38977

https://notcve.org/view.php?id=CVE-2021-38977

15 Nov 2021 — IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 212782. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1 no establece el atributo de seg... • https://exchange.xforce.ibmcloud.com/vulnerabilities/212782 • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 6.2EPSS: 0%CPEs: 12EXPL: 0

CVE-2021-38976

https://notcve.org/view.php?id=CVE-2021-38976

15 Nov 2021 — IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. X-Force ID: 212781. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, almacena las credenciales de usuario en texto sin cifrar que puede ser leído por un usuario local. IBM X-Force ID: 212781 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212781 • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2021-38975

https://notcve.org/view.php?id=CVE-2021-38975

15 Nov 2021 — IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 212780. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1 podría permitir a un usuario autenticado obtener información confidencial a partir de una petición HTTP especialmente diseñada. IBM X-Force ID: 212780 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212780 •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2021-38974

https://notcve.org/view.php?id=CVE-2021-38974

15 Nov 2021 — IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to cause a denial of service using specially crafted HTTP requests. IBM X-Force ID: 212779. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, podría permitir a un usuario autenticado causar una denegación de servicio mediante peticiones HTTP especialmente diseñadas. IBM X-Force ID: 212779 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212779 •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-38985

https://notcve.org/view.php?id=CVE-2021-38985

12 Nov 2021 — IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, recibe entradas o datos, pero no comprueba o comprueba incorrectamente que la entrada presenta las propiedades necesarias para procesar los datos de forma segura y correcta • https://exchange.xforce.ibmcloud.com/vulnerabilities/212799 • CWE-20: Improper Input Validation •

CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-38973

https://notcve.org/view.php?id=CVE-2021-38973

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-38972

https://notcve.org/view.php?id=CVE-2021-38972

1 2 3