|
198991
|
5.4 |
MEDIUM
Adjacent
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obt…
|
CWE-384
Session Fixation
|
CVE-2020-4954
|
2024-11-21 14:33 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198992
|
5.4 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
case_manager
|
IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4768
|
2024-11-21 14:33 |
2021-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198993
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-5023
|
2024-11-21 14:33 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198994
|
5.5 |
MEDIUM
Local
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913.
|
NVD-CWE-Other
|
CVE-2020-4996
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198995
|
5.3 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout which could allow a user to obtain sensitive information from another users' session. IBM X-Force ID: …
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4995
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198996
|
8.2 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446.
|
NVD-CWE-noinfo
|
CVE-2020-4795
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198997
|
5.3 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4791
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198998
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow a user to cause a denial of service due to improperly validating a supplied URL, rendering the application unusuable. IBM X-Force I…
|
CWE-20
Improper Input Validation
|
CVE-2020-4790
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198999
|
5.5 |
MEDIUM
Local
|
ibm
|
powerha
|
IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969.
|
NVD-CWE-noinfo
|
CVE-2020-4832
|
2024-11-21 14:33 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199000
|
4.3 |
MEDIUM
Adjacent
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178.
|
NVD-CWE-noinfo
|
CVE-2020-5032
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
