|
201971
|
5.9 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …
|
CWE-862
Missing Authorization
|
CVE-2020-4175
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201972
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4174
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201973
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer …
|
CWE-200
Information Exposure
|
CVE-2020-4172
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201974
|
4.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4171
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201975
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174405.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4169
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201976
|
6.5 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain sensitive information or perform unauthorized actions due to improper authenciation mechanisms. IBM X-Force ID: 174403.
|
CWE-287
Improper Authentication
|
CVE-2020-4167
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201977
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used i…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4166
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201978
|
6.1 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote a…
|
CWE-601
Open Redirect
|
CVE-2020-4598
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201979
|
4.4 |
MEDIUM
Local
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184747.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-4593
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201980
|
7.8 |
HIGH
Local
|
ibm
|
sterling_connect\
connect\
|
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to ob…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4587
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
