CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4706
https://notcve.org/view.php?id=CVE-2019-4706
01 Jul 2020 — IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to log files which can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. IBM X-Force ID: 172016. IBM Security Identity Manager Virtual Appliance versión 7.0.2, escribe información en los archivos de registro que pueden ser de naturaleza confidencial y brindan una valiosa orientación a un atacante o exponen información confidencial del usuario. IBM X-Force ID: 172016 • https://exchange.xforce.ibmcloud.com/vulnerabilities/172016 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4705
https://notcve.org/view.php?id=CVE-2019-4705
01 Jul 2020 — IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 172015. IBM Security Identity Manager Virtual Appliance versión 7.0.2, revela información confidencial a usuarios no autorizados. La información puede ser usada para montar nuevos ataques sobre el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/172015 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4704
https://notcve.org/view.php?id=CVE-2019-4704
01 Jul 2020 — IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 172014. IBM Security Identity Manager Virtual Appliance versión 7.0.2, no establece el atributo seguro en to... • https://exchange.xforce.ibmcloud.com/vulnerabilities/172014 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4676
https://notcve.org/view.php?id=CVE-2019-4676
01 Jul 2020 — IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512. IBM Security Identity Manager Virtual Appliance, versión 7.0.2 almacena las credenciales de usuario en texto sin cifrar que puede ser leído por un usuario local. IBM X-Force ID: 171512 • https://exchange.xforce.ibmcloud.com/vulnerabilities/171512 • CWE-312: Cleartext Storage of Sensitive Information •