CVE-2021-20433
IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345. Devamını Oku
Devamını oku
CVE-2021-20432
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344. Devamını Oku
CVE-2021-20431
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342. Devamını Oku
CVE-2021-20430
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341. Devamını Oku
CVE-2021-20421
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
CVE-2021-20417
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196219 Devamını Oku
CVE-2021-20416
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 196218. Devamını Oku
CVE-2021-20415
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196217. Devamını Oku
CVE-2021-20413 (guardium_data_encryption)
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212. Devamını Oku
CVE-2021-20413
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212. Devamını Oku
CVE-2021-20401
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075. Devamını Oku
CVE-2021-20400 (qradar_security_information_and_event_manager)
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074. Devamını Oku