|
200121
|
5.3 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout which could allow a user to obtain sensitive information from another users' session. IBM X-Force ID: …
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4995
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200122
|
8.2 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446.
|
NVD-CWE-noinfo
|
CVE-2020-4795
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200123
|
5.3 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4791
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200124
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow a user to cause a denial of service due to improperly validating a supplied URL, rendering the application unusuable. IBM X-Force I…
|
CWE-20
Improper Input Validation
|
CVE-2020-4790
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200125
|
5.5 |
MEDIUM
Local
|
ibm
|
powerha
|
IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969.
|
NVD-CWE-noinfo
|
CVE-2020-4832
|
2024-11-21 14:33 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200126
|
4.3 |
MEDIUM
Adjacent
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178.
|
NVD-CWE-noinfo
|
CVE-2020-5032
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200127
|
6.5 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force I…
|
CWE-20
Improper Input Validation
|
CVE-2020-4828
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200128
|
4.3 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tr…
|
CWE-352
Origin Validation Error
|
CVE-2020-4827
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200129
|
4.3 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tr…
|
CWE-352
Origin Validation Error
|
CVE-2020-4826
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200130
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI th…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4825
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
