Product:

Verify_gateway

(Ibm)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 8
Date Id Summary Products Score Patch Annotated
2020-07-22 CVE-2020-4369 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive information in cleartext that could be obtained by a user. IBM X-Force ID: 179004. Verify_gateway 5.5
2020-07-22 CVE-2020-4371 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008. Verify_gateway 3.3
2020-07-22 CVE-2020-4372 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 179009 Verify_gateway 7.8
2020-07-22 CVE-2020-4385 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 179266. Verify_gateway 9.8
2020-07-22 CVE-2020-4397 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 179428. Verify_gateway 5.9
2020-07-22 CVE-2020-4399 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could allow an authenticated user to send malformed requests to cause a denial of service against the server. IBM X-Force ID: 179476. Verify_gateway 6.5
2020-07-22 CVE-2020-4400 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 179478. Verify_gateway 7.5
2020-07-27 CVE-2020-4405 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could disclose potentially sensitive information to an authenticated user due to world readable log files. IBM X-Force ID: 179484. Verify_gateway 4.3