Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26270 | 1 Ibm | 1 Guardium Cloud Key Manager | 2024-02-28 | N/A | 9.8 CRITICAL |
| IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119. | |||||
| CVE-2023-26272 | 1 Ibm | 1 Guardium Cloud Key Manager | 2024-02-28 | N/A | 5.3 MEDIUM |
| IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 248133. | |||||
| CVE-2023-26271 | 1 Ibm | 1 Guardium Cloud Key Manager | 2024-02-28 | N/A | 7.5 HIGH |
| IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 248126. | |||||