Ibm Guardium For Cloud Key Management — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Guardium For Cloud Key Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2019-4694 — CVSS 9.8 (critical): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses…
CVE-2019-4713 — CVSS 8.8 (high): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote authenticated attacker to execute arbitrary commands on the…
CVE-2019-4689 — CVSS 7.5 (high): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to…
CVE-2019-4698 — CVSS 7.5 (high): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it…
CVE-2019-4697 — CVSS 6.5 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated…
CVE-2019-4691 — CVSS 5.4 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2019-4692 — CVSS 5.3 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. The information can be used to…
CVE-2019-4701 — CVSS 5.3 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM…
CVE-2019-4686 — CVSS 5.3 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers…
CVE-2019-4693 — CVSS 4.4 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged…
CVE-2019-4688 — CVSS 4.3 (medium): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers…
CVE-2019-4699 — CVSS 2.7 (low): IBM Security Guardium Data Encryption (GDE) 3.0.0.2 generates an error message that includes sensitive information about its environment…