110 matches found
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a User Enumeration - CLI vulnerability (CVE-2017-1601)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-1601 DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Insufficient Authorization Checks vulnerability (CVE-2018-1368 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2018-1368 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a local user with low privileges to view report pages and perform some actions that...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by SQL Injection - gimservlet Vulnerability(CVE-2017-1757 )
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1757 DESCRIPTION: IBM Security Identity Governance Virtual Appliance is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3651 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Client mysqldump component could allow an authenticated attacker to cause ...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL (Multiple CVEs)
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3642 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: Optimizer component could allow an authenticated attacker to cause a deni...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by vulnerabilities in Oracle MySQL
Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2017-3641 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server: DML component could allow an authenticated attacker to cause a denial of...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Password Returned in HTTP Response vulnerability (CVE-2017-1596)
Summary IBM Security Guardium Database Activity Monitor could allow a local attacker to obtain sensitive information via unspecified vectors. IBM Security Guardium Database Activity Monitor has fixed this vulenrability. Vulnerability Details CVEID: CVE-2017-1596 DESCRIPTION: IBM Security Guardium...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Lack or Misconfiguration of Browser Security Header (CVE-2017-1600)
Summary IBM Security Guardium Database Activity Monitor is vulnerable to cross-site scripting. IBM Security Guardium Database Activity Monitor has fixed this vulenrability Vulnerability Details CVEID: CVE-2017-1600 DESCRIPTION: IBM Security Guardium Database Activity Monitor is vulnerable to...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Sensitive Information Leakage vulenrability (CVE-2017-1595)
Summary IBM Security Guardium Database Activity Monitor could allow a local attacker to obtain sensitive information via unspecified vectors. IBM Security Guardium Database Activity Monitor has provided a fix for this vulnerability. Vulnerability Details CVEID: CVE-2017-1595 DESCRIPTION: IBM...
Security Bulletin: Shell injection in CLI 'support execute' command affect IBM Security Guardium (CVE-2016-9974)
Summary IBM Security Guardium Database Activity Monitor could allow a locally authenticated attacker to execute arbitrary commands on the system. Vulnerability Details CVEID: CVE-2016-9974 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a locally authenticated attacker to...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by OS Command Injection (CVE-2016-6065)
Summary IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root. IBM Security Guardium Database Activity Monitor fixed this vulnerability Vulnerability Details CVEID: CVE-2016-6065 DESCRIPTION: IBM Security Guardium...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Open Source MySQL MySQL Vulnerabilities (CVE-2016-6663)
Summary MySQL could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition error while setting stats during MyISAM table repair. An attacker could exploit this vulnerability to change permissions of arbitrary files. IBM Security Guardium Databas...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by the Open Source Oracle MySQL Vulnerabilities (CVE-2016-6664)
Summary Oracle MySQL could allow a local authenticated attacker to gain elevated privileges on the system, caused by the improper handling of the creation of error log file by the mysqldsafe script. An attacker could exploit this vulnerability to gain root privileges on the system. IBM Security...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-3627)
Summary libxml2 is vulnerable to a denial of service, caused by an error in the xmlStringGetNodeList function when parsing xml files while in recover mode. An attacker could exploit this vulnerability to exhaust the stack and cause a segmentation fault. Vulnerability Details CVEID: CVE-2016-3627...
Security Bulletin: IBM Security Guardium is affected by Cross-Site Scripting vulnerability (CVE-2016-0246)
Summary IBM Security Guardium is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Open Source XMLsoft Libxml2 Vulnerabilities (CVE-2016-4483)
Summary libxml2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing a specially crafted XML file if recover mode is used. By persuading a victim to open a specially crafted XML file, a remote attacker could exploit this vulnerability to cause the application to cras...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Missing HTTP Strict-Transport-Security Header vulnerability (CVE-2016-0240)
Summary IBM Security Guardium Database Activity Monitor does not force the HTTP Strict-Transport-Security Header. This could allow an attacker to obtain sensitive information using man in the middle techniques. Vulnerability Details CVEID: CVE-2016-0240 DESCRIPTION: IBM Security Guardium Database...
Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Improper Authorization Vulnerability (CVE-2016-0239)
Summary IBM Security Guardium Database Activity Monitor could allow a remote authenticated attacker to issue a specially HTTP request as administrator. Vulnerability Details CVEID: CVE-2016-0239 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a remote authenticated attack...