Filtered by vendor Ibm
Subscriptions
Filtered by product Security Secret Server
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4843 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-09-16 | 4.3 Medium |
| IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048. | ||||
| CVE-2020-4324 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-09-16 | 4.3 Medium |
| IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. IBM X-Force ID: 177515. | ||||
| CVE-2019-4639 | 1 Ibm | 1 Security Secret Server | 2024-09-16 | 7.5 High |
| IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045. | ||||
| CVE-2019-4632 | 1 Ibm | 1 Security Secret Server | 2024-09-16 | 6.1 Medium |
| IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170004. | ||||
| CVE-2020-4840 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-09-16 | 6.1 Medium |
| IBM Security Secret Server 10.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 190044. | ||||