Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM098E49B99EC63E438FEAED31EB1ED22D4E82B3E5CDEBE3801F99213C3E668919
HistoryOct 09, 2020 - 7:45 p.m.

Security Bulletin: IBM Security Guardium is affected by an OS Command Injection vulnerabilities

2020-10-0919:45:55
www.ibm.com
14
ibm security guardium
os command injection
vulnerability
cross-site scripting
version 10.5
version 10.6
version 11.0
version 11.1
fix
information security

EPSS

0.001

Percentile

29.7%

JSON

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID:CVE-2020-4183
**DESCRIPTION:**IBM Security Guardium is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174739 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Guardium 10.5
IBM Security Guardium 10.6
IBM Security Guardium 11.0
IBM Security Guardium 11.1

Remediation/Fixes

Product

|

VRMF

|

Remediation / First Fix

—|—|—
IBM Security Guardium | 10.5 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p535_Bundle_Jul-16-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 10.6 | | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p650_Bundle_Jun-01-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 11.0 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p30_Bundle_Aug-25-2020&includeSupersedes=0&source=fc
IBM Security Guardium | 11.1 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p115_Bundle_May-19-2020&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2020-4183
2020-06-04 13:35:17
cve
cve
CVE-2020-4183
2020-06-04 14:15:10
prion
prion
Cross site scripting
2020-06-04 14:15:00
nvd
nvd
CVE-2020-4183
2020-06-04 14:15:10

EPSS

0.001

Percentile

29.7%

JSON
Related for 098E49B99EC63E438FEAED31EB1ED22D4E82B3E5CDEBE3801F99213C3E668919
cvelist1cve1prion1nvd1