Vulnerabilities > IBM > Guardium Data Encryption > 3.0.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-26 | CVE-2019-4694 | Use of Hard-coded Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
2020-08-26 | CVE-2019-4693 | Insufficiently Protected Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. | 2.1 |
2020-08-26 | CVE-2019-4692 | Information Exposure vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. | 5.0 |
2020-08-26 | CVE-2019-4689 | Information Exposure vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.0 |
2020-08-26 | CVE-2019-4686 | Information Exposure vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. | 5.0 |