IBME9E51084637A84ABE0C45DB5B395008356B7CB37A82C75FD905FF64221B9E665Security Bulletin: Improper Authentication vulnerability affects IBM Security Guardium (CVE-2017-1264)
EPSS
Percentile
51.7%
Summary
IBM Security Guardium does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. IBM Security Guardium has fixed this vulnerability
Vulnerability Details
CVEID: CVE-2017-1264**
DESCRIPTION:** IBM Security Guardium does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/124739 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
IBM Security Guardium V9.0, 9.1, 9.5
IBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2
Remediation/Fixes
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium| 9X| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p754_SecurityUpdate&includeSupersedes=0&source=fc
IBM Security Guardium| 10x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p230_GPU_Jun-2017-V10.1.3&includeSupersedes=0&source=fc
Workarounds and Mitigations
None
Related
EPSS
Percentile
51.7%