Vulnerabilities > IBM > Guardium FOR Cloud KEY Management > High

DATE CVE VULNERABILITY TITLE RISK
2020-08-26 CVE-2019-4713 Unspecified vulnerability in IBM products
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote authenticated attacker to execute arbitrary commands on the system.
network
low complexity
ibm
8.8
2020-08-26 CVE-2019-4698 Weak Password Requirements vulnerability in IBM products
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
7.5
2020-08-26 CVE-2019-4689 Cleartext Transmission of Sensitive Information vulnerability in IBM products
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
low complexity
ibm CWE-319
7.5