|
197441
|
7.5 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the syste…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-4232
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197442
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335.
|
CWE-20
Improper Input Validation
|
CVE-2020-4231
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197443
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4379
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197444
|
4.9 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157.
|
NVD-CWE-noinfo
|
CVE-2020-4378
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197445
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4358
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197446
|
4.3 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4357
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197447
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4350
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197448
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4349
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197449
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force…
|
CWE-862
Missing Authorization
|
CVE-2020-4348
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197450
|
7.5 |
HIGH
Network
|
ibm
|
mobilefirst_platform_foundation
|
IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server l…
|
CWE-200
Information Exposure
|
CVE-2020-4226
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
