Infosphere Guardium Security Vulnerabilities and Issues — Infosphere Guardium CVE List

Lucene search

IbmInfosphere Guardium

9 matches found

CVE•added 2020/09/01 4:15 p.m.•165 views

CVE-2012-3337

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284.

5.3CVSS5.2AI score0.00543EPSS

CVE•added 2020/02/10 4:15 p.m.•99 views

CVE-2012-2204

InfoSphere Guardium aix_ktap module: DoS

5.5CVSS5.6AI score0.00055EPSS

CVE•added 2020/09/01 4:15 p.m.•64 views

CVE-2012-3336

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282.

8.8CVSS8.3AI score0.00468EPSS

CVE•added 2020/09/01 5:15 p.m.•47 views

CVE-2012-3341

IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of th...

6.4CVSS5.5AI score0.00241EPSS

CVE•added 2012/08/29 10:55 p.m.•39 views

CVE-2012-3309

Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative acc...

6.8CVSS7.2AI score0.00146EPSS

CVE•added 2012/08/29 10:55 p.m.•38 views

CVE-2012-3312

The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS4.5AI score0.00349EPSS

CVE•added 2020/09/01 5:15 p.m.•38 views

CVE-2012-3338

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286.

5.3CVSS5.2AI score0.00298EPSS

CVE•added 2020/09/01 5:15 p.m.•30 views

CVE-2012-3340

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.

4.3CVSS4.2AI score0.00205EPSS

CVE•added 2013/02/27 9:55 p.m.•24 views

CVE-2013-0490

Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors.

7.2CVSS6.5AI score0.00048EPSS