» 2021 » 1월

CVE-2020-16112

Posted on 2021년 1월 28일2021년 1월 28일 by admin

CVE-2020-16112

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

Source: CVE-2020-16112

CVE-2020-16109

Posted on 2021년 1월 28일2021년 1월 28일 by admin

CVE-2020-16109

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

Source: CVE-2020-16109

CVE-2020-16110

Posted on 2021년 1월 28일2021년 1월 28일 by admin

CVE-2020-16110

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

Source: CVE-2020-16110

CVE-2020-16106

Posted on 2021년 1월 28일2021년 1월 28일 by admin

CVE-2020-16106

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

Source: CVE-2020-16106

CVE-2020-4967

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-4967

IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. IBM X-Force ID: 192425.

Source: CVE-2020-4967

CVE-2020-4820

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-4820

IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Source: CVE-2020-4820

CVE-2020-4815

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-4815

IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system.

Source: CVE-2020-4815

CVE-2020-4816

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-4816

IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 189703.

Source: CVE-2020-4816

CVE-2020-36012

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-36012

Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.

Source: CVE-2020-36012

CVE-2020-4628

Posted on 2021년 1월 27일2021년 1월 28일 by admin

CVE-2020-4628

IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 185369.

Source: CVE-2020-4628