IBM Guardium Data Encryption (GDE) is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it lacks an effective filtering escaping. An attacker could exploit the vulnerability by entering special elements to execute certain commands.
CPE | Name | Operator | Version |
---|---|---|---|
IBM Guardium Data Encryption 4. | eq | 0.0.0 | |
IBM Guardium Data Encryption 5. | eq | 0.0.0 |