Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM7F36C3A6A98C267AF52936D9E67F8B6EB450E9DDF2F8D7AE76DA8ECD64A3C6CD
HistoryOct 09, 2020 - 7:43 p.m.

Security Bulletin: IBM Security Guardium is affected by an Improper Restriction of Excessive Authentication Attempts vulnerability

2020-10-0919:43:39
www.ibm.com
13
ibm security guardium
account lockout setting
remote attacker
brute force
version 10.5
version 10.6
version 11.0
version 11.1
vulnerability fix

EPSS

0.007

Percentile

79.8%

JSON

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID:CVE-2020-4193
**DESCRIPTION:**IBM Security Guardium uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174857 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Guardium 10.5
IBM Security Guardium 10.6
IBM Security Guardium 11.0
IBM Security Guardium 11.1

Remediation/Fixes

Product

|

VRMF

|

Remediation / First Fix

—|—|—
IBM Security Guardium | 10.5 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p535_Bundle_Jul-16-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 10.6 | | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p650_Bundle_Jun-01-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 11.0 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p30_Bundle_Aug-25-2020&includeSupersedes=0&source=fc
IBM Security Guardium | 11.1 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p115_Bundle_May-19-2020&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Related

cvelist 1
nvd 1
prion 1
cve 1
cvelist
cvelist
CVE-2020-4193
2020-06-04 13:35:18
nvd
nvd
CVE-2020-4193
2020-06-04 14:15:10
prion
prion
Code injection
2020-06-04 14:15:00
cve
cve
CVE-2020-4193
2020-06-04 14:15:10

EPSS

0.007

Percentile

79.8%

JSON
Related for 7F36C3A6A98C267AF52936D9E67F8B6EB450E9DDF2F8D7AE76DA8ECD64A3C6CD
cvelist1nvd1prion1cve1