Lucene search

IBMF0CD25AB05D80143B8DF947BC5D8E0A66977C7CC6E41A8AE9CCA577BFD56F155

HistoryJun 07, 2021 - 2:09 p.m.

Security Bulletin: IBM Security Guardium is affected by a Privilege Escalation vulnerability (CVE-2020-4952)

2021-06-0714:09:27

www.ibm.com

ibm security guardium

privilege escalation

vulnerability

fix

version 11.1

version 11.2

version 11.3

access control

root access

cve-2020-4952

EPSS

0.001

Percentile

35.3%

JSON

Summary

IBM Security Guardium has fixed this vulnerability

Vulnerability Details

CVEID:CVE-2020-4952
**DESCRIPTION:**IBM Security Guardium could allow an authenticated user to gain root access due to improper access control.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192028 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Security Guardium	11.1

IBM Security Guardium| 11.2

IBM Security Guardium| 11.3

Remediation/Fixes

Product	Versions	Fix
IBM Security Guardium	11.1
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p130_Bundle_Feb-19-2021&includeSupersedes=0&source=fc
IBM Security Guardium	11.2
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p225_Bundle_Dec-30-2020&includeSupersedes=0&source=fc
IBM Security Guardium	11.3
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p315_Bundle_May-21-2021&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

EPSS

0.001

Percentile

35.3%

JSON

Related for F0CD25AB05D80143B8DF947BC5D8E0A66977C7CC6E41A8AE9CCA577BFD56F155