Vulnerabilities identified in IBM Guardium Data Encryption (GDE). These vulnerability have been fixed in GDE - Guardium Tokenization Server 2.6.0.205. Please apply the latest version to obtain the fixes.
CVEID:CVE-2021-20414
**DESCRIPTION:**IBM Guardium Data Encryption (GDE) could allow a user to bruce force sensitive information due to not properly limiting the number of interactions.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196216 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N)
Affected Product
|
Version
—|—
GDE
|
3.0.0.2
Listed vulnerabilities (in this security bulletin) are address in below version of IBM Guardium Data Encryption (GDE). Please apply the latest version to obtain the fix.
Product
|
Fixed Version
|
Link for Fixes
—|—|—
GDE
|
5.0.0.x
|
Thales Portal -> My Products -> Guardium Data Encryption Components
Please apply the latest version to obtain the fixes.