IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an XML External Entity Injection vulnerability that originates when a networked system or product is not set up with the correct filters to allow references to external entities, which can be exploited by remote attackers to expose sensitive information or consume memory resources.