|
195671
|
7.5 |
HIGH
Network
|
ibm
|
guardium_data_encryption
|
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196217.
|
CWE-307
Improper Restriction of Excessive Authentication Attempts
|
CVE-2021-20415
|
2024-11-21 14:46 |
2021-07-8 |
|
|
|
|
195672
|
7.5 |
HIGH
Network
|
ibm
|
guardium_data_encryption
|
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195711.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2021-20379
|
2024-11-21 14:46 |
2021-07-8 |
|
|
|
|
195673
|
8.8 |
HIGH
Network
|
ibm
|
guardium_data_encryption
|
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 1957…
|
CWE-613
Insufficient Session Expiration
|
CVE-2021-20378
|
2024-11-21 14:46 |
2021-07-8 |
|
|
|
|
195674
|
6.5 |
MEDIUM
Network
|
ibm netapp
|
cognos_analytics oncommand_insight
|
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting. An attacker could potentially bypass business logic to modify the…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2021-20461
|
2024-11-21 14:46 |
2021-06-30 |
|
|
|
|
195675
|
4.3 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could be vulnerable to cross-site request forgery (CSRF) which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit…
|
CWE-352
Origin Validation Error
|
CVE-2021-20580
|
2024-11-21 14:46 |
2021-06-30 |
|
|
|
|
195676
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings. IBM X-Force ID: 197791.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-20490
|
2024-11-21 14:46 |
2021-06-30 |
|
|
|
|
195677
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20477
|
2024-11-21 14:46 |
2021-06-30 |
|
|
|
|
195678
|
8.8 |
HIGH
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulne…
|
CWE-74
Injection
|
CVE-2021-20574
|
2024-11-21 14:46 |
2021-06-29 |
|
|
|
|
195679
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-20573
|
2024-11-21 14:46 |
2021-06-29 |
|
|
|
|
195680
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause th…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-20572
|
2024-11-21 14:46 |
2021-06-29 |
|
|
|