CVE-2021-20416
published 2021-07-07CVE-2021-20416: IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 196218.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | guardium_data_encryption | — | — |
| ibm | guardium_data_encryption | — | — |
| ibm | guardium_data_encryption | — | — |