Vulnerabilities > IBM > Security Secret Server > 10.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-14 | CVE-2021-20508 | Information Exposure Through an Error Message vulnerability in IBM Security Secret Server IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
2021-09-14 | CVE-2021-20569 | Improper Input Validation vulnerability in IBM Security Secret Server IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation. | 5.3 |
2021-09-14 | CVE-2021-20582 | Information Exposure vulnerability in IBM Security Secret Server IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. | 5.3 |
2020-09-23 | CVE-2020-4340 | Improper Certificate Validation vulnerability in IBM Security Secret Server IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation. | 4.3 |
2020-09-23 | CVE-2020-4324 | Improper Input Validation vulnerability in IBM Security Secret Server IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. | 4.3 |