IBM Security Guardium has fixed this vulnerability
CVEID:CVE-2021-29735
**DESCRIPTION:**IBM Security Guardium is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/201239 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium | 10.5 |
IBM Security Guardium| 10.6
IBM Security Guardium| 11.0
IBM Security Guardium| 11.1
IBM Security Guardium| 11.2
IBM Security Guardium| 11.3
Product | Versions | Fix |
---|---|---|
IBM Security Guardium | 10.5 | |
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p545_Bundle_Oct-19-2021&includeSupersedes=0&source=fc | ||
IBM Security Guardium |
10.6
|
IBM Security Guardium|
11.0
|
IBM Security Guardium| 11.1
|
IBM Security Guardium| 11.2
|
IBM Security Guardium| 11.3
|
None