Page 4 of 20 results (0.004 seconds)

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184. IBM Security Verify Information Queue versiones 1.0.6 y 1.0.7, utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 198184 • https://exchange.xforce.ibmcloud.com/vulnerabilities/196184 https://www.ibm.com/support/pages/node/6414763 • CWE-326: Inadequate Encryption Strength CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183. IBM Security Verify Information Queue versiones 1.0.6 y 1.0.7, podría permitir a un usuario llevar a cabo actividades no autorizadas debido a una codificación inapropiada de la salida. IBM X-Force ID: 196183 • https://exchange.xforce.ibmcloud.com/vulnerabilities/196183 https://www.ibm.com/support/pages/node/6414367 • CWE-116: Improper Encoding or Escaping of Output •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078. IBM Security Verify Information Queue versiones 1.0.6 y 1.0.7, podría permitir a un usuario de la red causar una denegación de servicio debido a un valor de cookie no válido que podría impedir futuros inicios de sesión. IBM X-Force ID: 196078 • https://exchange.xforce.ibmcloud.com/vulnerabilities/196078 https://www.ibm.com/support/pages/node/6414363 •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Security Verify Information Queue versión 1.0.6 y 1.0.7, es vulnerable a un ataque cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que el sitio web confía • https://exchange.xforce.ibmcloud.com/vulnerabilities/196077 https://www.ibm.com/support/pages/node/6414365 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196076. IBM Security Verify Information Queue versiones 1.0.6 y 1.0.7, podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría ser usada en nuevos ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/196076 https://www.ibm.com/support/pages/node/6414361 • CWE-209: Generation of Error Message Containing Sensitive Information •