Ibm Security Guardium Insights — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Guardium Insights, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-2021-29845 — CVSS 8.8 (high): IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. IBM…
CVE-2020-4594 — CVSS 7.5 (high): IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2020-4169 — CVSS 7.5 (high): IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2020-4596 — CVSS 7.5 (high): IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2020-4174 — CVSS 7.5 (high): IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2020-4595 — CVSS 7.5 (high): IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly…
CVE-2020-4603 — CVSS 7.2 (high): IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which…
CVE-2020-4167 — CVSS 6.5 (medium): IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain sensitive information or perform unauthorized actions due to…
CVE-2020-4598 — CVSS 6.1 (medium): IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By…
CVE-2020-4175 — CVSS 5.9 (medium): IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly…
CVE-2021-29838 — CVSS 5.9 (medium): IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable…
CVE-2020-4165 — CVSS 5.4 (medium): IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to…
CVE-2020-4599 — CVSS 5.3 (medium): IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message…
CVE-2020-4166 — CVSS 5.3 (medium): IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message…
CVE-2020-4600 — CVSS 5.3 (medium): IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message…
CVE-2020-4172 — CVSS 5.3 (medium): IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may lead to information disclosure if…
CVE-2020-4593 — CVSS 4.4 (medium): IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID…
CVE-2020-4602 — CVSS 4.4 (medium): IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID…
CVE-2020-4604 — CVSS 4.4 (medium): IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM…
CVE-2020-4171 — CVSS 4.3 (medium): IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID…
CVE-2020-4170 — CVSS 4.3 (medium): IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2020-4597 — CVSS 4.3 (medium): IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to…
CVE-2020-4173 — CVSS 4.3 (medium): IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be…
CVE-2021-29846 — CVSS 2.7 (low): IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session…