IBM Security Guardium does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. IBM Security Guardium has fixed this vulnerability
CVEID: CVE-2017-1264**
DESCRIPTION:** IBM Security Guardium does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/124739 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM Security Guardium V9.0, 9.1, 9.5
IBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium| 9X| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p754_SecurityUpdate&includeSupersedes=0&source=fc
IBM Security Guardium| 10x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p230_GPU_Jun-2017-V10.1.3&includeSupersedes=0&source=fc
None