IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213862. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku…
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213860. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak:…
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…
IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856. Devamını Oku
IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856. Devamını Oku
IBM Guardium Data Encryption (GDE) 4.0.0.7 and lower stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 213855. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
IBM Engineering Lifecycle Optimization – Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…
IBM Engineering Lifecycle Optimization – Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213655. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…