|
199151
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335.
|
CWE-20
Improper Input Validation
|
CVE-2020-4231
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199152
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4379
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199153
|
4.9 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157.
|
NVD-CWE-noinfo
|
CVE-2020-4378
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199154
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4358
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199155
|
4.3 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4357
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199156
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4350
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199157
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4349
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199158
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force…
|
CWE-862
Missing Authorization
|
CVE-2020-4348
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199159
|
7.5 |
HIGH
Network
|
ibm
|
mobilefirst_platform_foundation
|
IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server l…
|
CWE-200
Information Exposure
|
CVE-2020-4226
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199160
|
8.8 |
HIGH
Network
|
vmware
|
vcloud_director
|
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An aut…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2020-3956
|
2024-11-21 14:32 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
