Lucene search
+L
IbmSecurity Guardium Database Activity Monitor

9 matches found

CVE
CVE
added 2016/10/21 5:0 p.m.176 views

CVE-2016-0236

IBM Security Guardium Database Activity Monitor is affected by CVE-2016-0236. A remote authenticated attacker could inject commands into the search field, causing commands to execute with root privileges. Affected product versions include Guardium DA Monitor 8.2 before p310, 9.x up to 9.5 before ...

9CVSS8.7AI score0.0255EPSS
CVE
CVE
added 2016/10/22 1:0 a.m.62 views

CVE-2016-0240

CVE-2016-0240 affects IBM Security Guardium Database Activity Monitor. Affected versions include 8.2 (before p310), 9.0/9.1/9.5 (before p700), and 10.0/10.0.1/10.1. The root issue is that the product does not enable HTTP Strict-Transport-Security (HSTS), enabling potential man‑in‑the‑middle discl...

4.3CVSS3.9AI score0.0103EPSS
CVE
CVE
added 2018/03/12 9:0 p.m.48 views

CVE-2016-0235

CVE-2016-0235 affects IBM Security Guardium Database Activity Monitor V10, where a hard-coded password available to an administrator or root user enables potential access across GRUB-based systems. The root cause is use of a hard-coded credential within the Guardium component, allowing local acce...

8.2CVSS7.7AI score0.00349EPSS
CVE
CVE
added 2018/02/09 5:0 p.m.46 views

CVE-2018-1368

CVE-2018-1368 affects IBM Security Guardium Database Activity Monitor (Guardium) versions 9.0, 9.1 and 9.5, with an Insufficient Authorization Checks flaw allowing a local low-privilege user to view report pages and perform admin-level actions. The IBM advisory lists affected releases (9.0–9.5 an...

4.4CVSS4.3AI score0.00293EPSS
CVE
CVE
added 2018/03/12 9:0 p.m.44 views

CVE-2016-0237

The CVE-2016-0237 entry affects IBM Security Guardium Database Activity Monitor V10. The vulnerability allows a local attacker to obtain sensitive information by reading locally cached browser data, as described in the IBM bulletin and vendor/NVD records. Root cause: information disclosure via ca...

5.5CVSS4.9AI score0.00348EPSS
CVE
CVE
added 2018/05/02 1:0 p.m.42 views

CVE-2017-1601

CVE-2017-1601 affects IBM Security Guardium Database Activity Monitor: vulnerable in versions 10.0, 10.0.1, and 10.1–10.1.4 where strong-password requirements are not enforced by default, enabling potential account compromise. The IBM bulletin enumerates the affected releases and provides remedia...

9.8CVSS8.9AI score0.02497EPSS
CVE
CVE
added 2016/10/22 1:0 a.m.41 views

CVE-2016-0239

CVE-2016-0239 affects IBM Security Guardium Database Activity Monitor (versions 9.0, 9.1, 9.5 before p700; 10.0, 10.0.1 before p100). A remote authenticated attacker can issue an HTTP request with administrator privileges due to an improper authorization vulnerability. IBM’s bulletin lists remedi...

8.8CVSS8.1AI score0.01247EPSS
CVE
CVE
added 2016/10/22 1:0 a.m.41 views

CVE-2016-0241

CVE-2016-0241 affects IBM Security Guardium Database Activity Monitor. Affected versions: 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100. Root cause: flaw in HTTP login request handling allowing remote authenticated users to spoof administrator accounts. Impact: u...

8.8CVSS8.1AI score0.018EPSS
CVE
CVE
added 2016/10/22 1:0 a.m.37 views

CVE-2016-0328

IBM Security Guardium Database Activity Monitor is affected by CVE-2016-0328: versions 8.2 before p310, 9.x up to 9.5 before p700, and 10.x up to 10.1 before p100 allow a local user to inject commands that would be executed with administrator privileges. The vulnerability is categorized as Execut...

7.8CVSS7.3AI score0.00492EPSS