674 matches found
IBM Security Guardium XML External Entity Injection Vulnerability (CNVD-2024-12704)
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...
IBM Security Guardium OS Command Injection Vulnerability (CNVD-2024-11735)
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An operating system command injection vulnerability exists ...
CVE-2023-25921
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...
CVE-2023-25921
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...
CVE-2023-25926
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...
Xxe
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...
Design/Logic Flaw
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...
CVE-2023-25921
CVE-2023-25921 affects IBM Security Guardium Key Lifecycle Manager versions 3.0, 3.0.1, 4.0, 4.1, and 4.1.1, allowing an attacker to upload or transfer dangerous-file types that can be automatically processed within the product environment. The Red Hat / IBM bulletin confirms remediation in GKLM ...
CVE-2023-25921 IBM Security Guardium Key Lifecycle Manager file upload
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...
CVE-2023-25921 IBM Security Guardium Key Lifecycle Manager file upload
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620...
CVE-2023-25926
CVE-2023-25926 affects IBM Security Guardium Key Lifecycle Manager (GKLM) 3.0, 3.0.1, 4.0, 4.1, and 4.1.1, with an XML External Entity Injection (XXE) vulnerability when processing XML data. The root cause is XXE in the XML processing path, enabling a remote attacker to potentially expose sensiti...
CVE-2023-25926 IBM Security Guardium Key Lifecycle Manager XML external entity injection
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...
CVE-2023-25926 IBM Security Guardium Key Lifecycle Manager XML external entity injection
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...
IBM Security Guardium 代码问题漏洞
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...
IBM Security Guardium Security Vulnerabilities
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium Ke...
CVE-2023-25925
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...
Design/Logic Flaw
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...
Design/Logic Flaw
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621...
CVE-2023-25925
CVE-2023-25925 affects IBM Security Guardium Key Lifecycle Manager (GKLM) across multiple releases (3.0, 3.0.1, 4.0, 4.1, 4.1.1). A remote authenticated attacker can execute arbitrary commands on the system by sending a specially crafted request, as documented by IBM and Red Hat in their vendor a...
CVE-2023-25925 IBM Security Guardium Key Lifecycle Manager command injection
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632...