Vulnerabilities > IBM > Security Secret Server > 10.9

DATE CVE VULNERABILITY TITLE RISK
2021-09-14 CVE-2021-20508 Information Exposure Through an Error Message vulnerability in IBM Security Secret Server
IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
2021-09-14 CVE-2021-20569 Improper Input Validation vulnerability in IBM Security Secret Server
IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation.
network
low complexity
ibm CWE-20
5.3
2021-09-14 CVE-2021-20582 Information Exposure vulnerability in IBM Security Secret Server
IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters.
network
low complexity
ibm CWE-200
5.3