Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by SQL Injection vulnerability (CVE-2016-0249)

Summary IBM Security Guardium Database Activity Monitor is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database Vulnerability Details CVEID: CVE-2016-0249...

CVE-2016-0249

CVE-2016-0249 affects IBM Security Guardium Database Activity Monitor. Vulnerable line items: Guardium DA Monitor versions 8.2 before p310, 9.x up to 9.5 before p700, and 10.x up to 10.1 before p100. Root cause is SQL injection allowing remote attackers to execute arbitrary SQL via unspecified ve...