Security Bulletin: IBM Security Guardium is affected by a Left over debug code in js files vulnerability

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID:CVE-2020-4187
**DESCRIPTION:**IBM Security Guardium could disclose sensitive information on the login page that could aid in further attacks against the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174805 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Remediation/Fixes

Product

|

VRMF

|

Remediation / First Fix

—|—|—
IBM Security Guardium | 10.5 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p535_Bundle_Jul-16-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 10.6 | | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p650_Bundle_Jun-01-2020&includeSupersedes=0&source=fc

IBM Security Guardium | 11.0 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p30_Bundle_Aug-25-2020&includeSupersedes=0&source=fc
IBM Security Guardium | 11.1 | | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p115_Bundle_May-19-2020&includeSupersedes=0&source=fc

Workarounds and Mitigations

None