Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Guardium Data Encryption  Security Vulnerabilities
CVE-2021-20379
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195711.
CVSS Score
5.9
EPSS Score
0.0
Published
2021-07-07
CVE-2021-20415
IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196217.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-07-07
CVE-2021-20416
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 196218.
CVSS Score
3.7
EPSS Score
0.001
Published
2021-07-07
CVE-2021-20417
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196219
CVSS Score
4.3
EPSS Score
0.001
Published
2021-07-07
CVE-2021-20474
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CVSS Score
6.5
EPSS Score
0.0
Published
2021-07-07
CVE-2021-20413
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-06-28
CVE-2019-4695
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926.
CVSS Score
4.0
EPSS Score
0.0
Published
2020-08-26
CVE-2019-4691
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171828.
CVSS Score
5.4
EPSS Score
0.001
Published
2020-08-26
CVE-2019-4692
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 171829.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-08-26
CVE-2019-4693
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 171831.
CVSS Score
6.0
EPSS Score
0.0
Published
2020-08-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved