|
195051
|
4.9 |
MEDIUM
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/.…
|
CWE-22
Path Traversal
|
CVE-2021-20511
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195052
|
4.4 |
MEDIUM
Local
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-20510
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195053
|
4.4 |
MEDIUM
Local
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.
|
NVD-CWE-noinfo
|
CVE-2021-20500
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195054
|
2.7 |
LOW
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be us…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20499
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195055
|
5.3 |
MEDIUM
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requests that could be used in further attacks against the system. IBM X-Force ID: 197972.
|
CWE-200
Information Exposure
|
CVE-2021-20498
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195056
|
7.5 |
HIGH
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2021-20497
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195057
|
4.9 |
MEDIUM
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966.
|
CWE-20
Improper Input Validation
|
CVE-2021-20496
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195058
|
3.5 |
LOW
Network
|
ibm
|
security_verify_access
|
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remo…
|
CWE-601
Open Redirect
|
CVE-2021-20534
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195059
|
7.5 |
HIGH
Network
|
ibm
|
security_verify_access
security_access_manager
|
IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-20439
|
2024-11-21 14:46 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195060
|
4.3 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_applications
|
IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20424
|
2024-11-21 14:46 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
