5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
IBM has released the following patch for IBM Security Guardium in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754
CVEID: CVE-2017-5753 CVEID:CVE-2017-5715 CVEID:CVE-2017-5754** **
IBM Security Guardium V8.2
IBM Security Guardium V9.0, 9.1, 9.5
IBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium| 8.2| Please contact support
IBM Security Guardium| 9.0 - 9.1| Upgrade to 9.5 using the following patch, then apply fix under 9.5 in next row.
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=9.0&platform=Linux&function=fixId&fixids=SqlGuard_9.0p750_GPU_March-2017_64-bit&includeSupersedes=0&source=fc
IBM Security Guardium| 9.5| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6024_SecurityUpdate&includeSupersedes=0&source=fc
IBM Security Guardium| 10.0 - 10.1| Upgrade to 10.1.4 using the following patch, then apply fix under 10.1.2-10.1.4 in next row.
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p400_GPU_Dec-2017-V10.1.4&includeSupersedes=0&source=fc
IBM Security Guardium | 10.1.2 - 10.1.4| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6024_SecurityUpdate&includeSupersedes=0&source=fc
None
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N