CVE-2021-38938 - How IBM HATS Exposed Thousands of User Credentials in Plain Text
In late 2021, a critical vulnerability was uncovered in IBM Host Access Transformation Services (HATS). Known as CVE-2021-38938, this flaw meant that certain versions of
CVE-2021-39090 - How a Missing HTTP Strict Transport Security Setting in IBM Cloud Pak for Security Leaked Sensitive Data
In 2021, a security flaw was discovered in IBM Cloud Pak for Security (CP4S), versions 1.10.. through 1.10.6.. This weakness, tracked as
CVE-2023-38367 - How Unauthenticated Attackers Can Control IBM Cloud Pak Foundational Services IdP (with Exploit Details)
In mid-2023, IBM disclosed a critical security issue—tracked as CVE-2023-38367—in its Cloud Pak Foundational Services Identity Provider (IdP) API. Affecting a range of
CVE-2023-27545 - How IBM Watson CloudPak for Data Data Stores Exposes Sensitive Data Locally
In March 2023, IBM disclosed a new security vulnerability in its flagship data platform, IBM Watson CloudPak for Data. Tracked as CVE-2023-27545, this flaw allows
CVE-2023-25921 - How IBM Security Guardium Key Lifecycle Manager Exposed Itself to Dangerous File Uploads
In early 2023, security researchers uncovered a serious vulnerability in IBM Security Guardium Key Lifecycle Manager—commonly referred to as SKLM—from version 3. up