Vulnerabilities > IBM > Guardium FOR Cloud KEY Management > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-26 | CVE-2019-4713 | Unspecified vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
2020-08-26 | CVE-2019-4698 | Weak Password Requirements vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
2020-08-26 | CVE-2019-4689 | Cleartext Transmission of Sensitive Information vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 7.5 |