Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMF135EC1A9948BC90C7A4A986D9DC9DFE22ECF77B68F7B561F257A9D54A15BE84
HistoryJun 16, 2018 - 9:46 p.m.

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Improper Authentication Vulnerability (CVE-2016-0241)

2018-06-1621:46:17
www.ibm.com
6

0.003 Low

EPSS

Percentile

68.4%

JSON

Summary

IBM Security Guardium Database Activity Monitor could allow a local attacker to bypass security authorization and masquerade as the administrator by manipulating the HTTP login request.

Vulnerability Details

CVEID: CVE-2016-0241**
DESCRIPTION:** IBM Security Guardium Database Activity Monitor could allow a local attacker to bypass security authorization and masquerade as the administrator by manipulating the HTTP login request.
CVSS Base Score: 8.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110415&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Security Guardium Database Activity Monitor Versions 8.2, 9.0, 9.1, 9.5, 10.0, 10.0.1, 10.1

Remediation/Fixes

Product

| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium Database Activity Monitor | 8.2| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_8.2p310_Bundle_Sep-27-2016&includeSupersedes=0&source=fc
IBM Security Guardium Database Activity Monitor | 9x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p700_GPU_September-2016_64-bit,SqlGuard_9.0p1086_LanguageUpdate_GPU-700_64-bit,SqlGuard_9.0p700_GPU_September-2016_32-bit,SqlGuard_9.0p1086_LanguageUpdate_GPU-700_32-bit&includeSupersedes=0&source=fc
IBM Security Guardium Database Activity Monitor | 10x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%2BSecurity&product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p100_GPU-May-2016-V10.1&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Related

cve 1
nvd 1
seebug 1
cvelist 1
prion 1
talos 1
cve
cve
CVE-2016-0241
2016-10-22 03:59:03
nvd
nvd
CVE-2016-0241
2016-10-22 03:59:03
seebug
seebug
Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability(CVE-2016-0241)
2017-09-20 00:00:00
cvelist
cvelist
CVE-2016-0241
2016-10-22 01:00:00
prion
prion
Design/Logic Flaw
2016-10-22 03:59:00
talos
talos
Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability
2017-04-10 00:00:00

0.003 Low

EPSS

Percentile

68.4%

JSON
Related for F135EC1A9948BC90C7A4A986D9DC9DFE22ECF77B68F7B561F257A9D54A15BE84
cve1nvd1seebug1cvelist1prion1talos1