Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm guardium data encryption 4.0.0.4 vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv2
CVE-2021-20378
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 195709.
Ibm Guardium Data Encryption 3.0.0.2Ibm Guardium Data Encryption 4.0.0.4
5
CVSSv2
CVE-2021-20416
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote malicious user to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Fo...
Ibm Guardium Data Encryption 4.0.0.4Ibm Guardium Data Encryption 3.0.0.3
5
CVSSv2
CVE-2021-20379
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 195711.
Ibm Guardium Data Encryption 3.0.0.3Ibm Guardium Data Encryption 4.0.0.4
5
CVSSv2
CVE-2021-20474
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Ibm Guardium Data Encryption 3.0.0.2Ibm Guardium Data Encryption 4.0.0.4
5
CVSSv2
CVE-2021-20413
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212.
Ibm Guardium Data Encryption 4.0.0.4
5
CVSSv2
CVE-2021-20415
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 196217.
Ibm Guardium Data Encryption 4.0.0.4
4
CVSSv2
CVE-2021-20417
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196219
Ibm Guardium Data Encryption 4.0.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook