IBM Security Guardium has addressed the following vulnerability.
CVEID: CVE-2017-1272 DESCRIPTION: IBM Security Guardium stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/124747> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected IBM Security Guardium
|
Affected Versions
—|—
IBM Security Guardium | 10.0 -10.5
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Security Guardium | 10.0 - 10.5 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc
None