Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM73E34DE05A8156B3649951851FB82D66FC4CB962CDCA0762599FBE17961DA864
HistoryJul 02, 2018 - 2:49 p.m.

Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities vulnerability

2018-07-0214:49:58
www.ibm.com
6

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON

Summary

IBM Security Guardium has addressed the following vulnerabilities

Vulnerability Details

CVEID:CVE-2012-3324
**DESCRIPTION:*IBM DB2, when running on Microsft Windows, could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user-supplied input by routines within the UTL_FILE module. An attacker could exploit this vulnerability by using a specially-crafted file name via a vulnerable application to view, modify, or delete arbitrary files on the system.
CVSS Base Score: 8.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/77924 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVEID:CVE-2011-1847
**DESCRIPTION:*IBM DB2 could allow a remote attacker bypass security restrictions, caused by an error in the Relational Data Services component. An attacker could exploit this vulnerability to update table statistics.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/66979 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:CVE-2011-1846
**DESCRIPTION:*IBM DB2 could allow a remote attacker bypass security restrictions, caused by an error in the Relational Data Services component. An attacker could exploit this vulnerability to grant users privileges after the membership has been revoked.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/66980 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Affected Products and Versions

Affected IBM Security Guardium

|

Affected Versions

—|—
IBM Security Guardium | 10.5

Remediation/Fixes

Product

|

VRMF

|

Remediation / First Fix

—|—|—
IBM Security Guardium | 10.5 | https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/…

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security guardiumeq10.5

Related

nessus 3
openvas 3
cve 3
prion 3
ubuntucve 1
ibm 2
nessus
nessus
IBM DB2 9.7 < Fix Pack 4 Multiple Vulnerabilities
2011-04-25 00:00:00
IBM DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities
2011-02-01 00:00:00
IBM DB2 10.1 < Fix Pack 1 Multiple Vulnerabilities
2012-09-28 00:00:00
openvas
openvas
IBM Db2 Multiple Security Bypass Vulnerabilities (May 2011)
2011-05-16 00:00:00
IBM DB2 Multiple Security Bypass Vulnerabilities (May-11)
2011-05-16 00:00:00
IBM Db2 UTL_FILE Module Directory Traversal Vulnerability - Windows
2012-09-27 00:00:00
cve
cve
CVE-2011-1847
2011-05-03 20:55:00
CVE-2012-3324
2012-09-25 20:55:00
CVE-2011-1846
2011-05-03 20:55:00
prion
prion
Information disclosure
2011-05-03 20:55:00
Directory traversal
2012-09-25 20:55:00
Design/Logic Flaw
2011-05-03 20:55:00
ubuntucve
ubuntucve
CVE-2012-3324
2012-09-25 00:00:00
ibm
ibm
Security Bulletin: IBM DB2 Security Vulnerability in the UTL_FILE module (CVE-2012-3324).
2022-09-25 22:31:03
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
2021-04-13 20:46:06

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON
Related for 73E34DE05A8156B3649951851FB82D66FC4CB962CDCA0762599FBE17961DA864
nessus3openvas3cve3prion3ubuntucve1ibm2