Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20377 | 1 Ibm | 1 Security Guardium | 2021-09-29 | 4.0 MEDIUM | 2.7 LOW |
| IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569. | |||||
| CVE-2017-1261 | 1 Ibm | 1 Security Guardium | 2018-01-03 | 2.1 LOW | 3.3 LOW |
| IBM Security Guardium 10.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 124736. | |||||
| CVE-2017-1270 | 1 Ibm | 1 Security Guardium | 2018-01-03 | 2.1 LOW | 3.3 LOW |
| IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 124745. | |||||
| CVE-2016-0238 | 1 Ibm | 1 Security Guardium | 2017-07-11 | 4.3 MEDIUM | 3.7 LOW |
| IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409 | |||||
| CVE-2016-0248 | 1 Ibm | 1 Security Guardium | 2016-11-28 | 4.3 MEDIUM | 3.7 LOW |
| IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors. | |||||