Vulnerabilities > IBM > Guardium FOR Cloud KEY Management > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-26 | CVE-2019-4701 | Unspecified vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is deployed with active debugging code that can create unintended entry points. | 5.3 |
2020-08-26 | CVE-2019-4697 | Insufficiently Protected Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
2020-08-26 | CVE-2019-4693 | Insufficiently Protected Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. | 4.4 |
2020-08-26 | CVE-2019-4692 | Unspecified vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. | 5.3 |
2020-08-26 | CVE-2019-4691 | Cross-site Scripting vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. | 5.4 |
2020-08-26 | CVE-2019-4688 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-08-26 | CVE-2019-4686 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. | 5.3 |