Vulnerabilities > IBM > Security Guardium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-23 | CVE-2020-4188 | Use of Insufficiently Random Values vulnerability in IBM Security Guardium 10.6/11.1 IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. | 5.3 |
| 2020-06-04 | CVE-2020-4193 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2020-06-04 | CVE-2020-4191 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.4 |
| 2020-06-04 | CVE-2020-4183 | Cross-site Scripting vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 is vulnerable to cross-site scripting. | 6.1 |
| 2020-06-03 | CVE-2020-4307 | Unspecified vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. low complexity ibm | 6.5 |
| 2020-06-03 | CVE-2020-4190 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium 10.6/11.0/11.1 IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 6.7 |
| 2020-06-03 | CVE-2020-4187 | Unspecified vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. | 5.3 |
| 2020-06-03 | CVE-2020-4182 | Cross-site Scripting vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 is vulnerable to cross-site scripting. | 6.1 |
| 2020-06-03 | CVE-2020-4180 | OS Command Injection vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2020-06-03 | CVE-2020-4177 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |