9 matches found
CVE-2016-0236
IBM Security Guardium Database Activity Monitor is affected by CVE-2016-0236. A remote authenticated attacker could inject commands into the search field, causing commands to execute with root privileges. Affected product versions include Guardium DA Monitor 8.2 before p310, 9.x up to 9.5 before ...
CVE-2016-0240
CVE-2016-0240 affects IBM Security Guardium Database Activity Monitor. Affected versions include 8.2 (before p310), 9.0/9.1/9.5 (before p700), and 10.0/10.0.1/10.1. The root issue is that the product does not enable HTTP Strict-Transport-Security (HSTS), enabling potential man‑in‑the‑middle discl...
CVE-2016-0235
CVE-2016-0235 affects IBM Security Guardium Database Activity Monitor V10, where a hard-coded password available to an administrator or root user enables potential access across GRUB-based systems. The root cause is use of a hard-coded credential within the Guardium component, allowing local acce...
CVE-2018-1368
CVE-2018-1368 affects IBM Security Guardium Database Activity Monitor (Guardium) versions 9.0, 9.1 and 9.5, with an Insufficient Authorization Checks flaw allowing a local low-privilege user to view report pages and perform admin-level actions. The IBM advisory lists affected releases (9.0–9.5 an...
CVE-2016-0237
The CVE-2016-0237 entry affects IBM Security Guardium Database Activity Monitor V10. The vulnerability allows a local attacker to obtain sensitive information by reading locally cached browser data, as described in the IBM bulletin and vendor/NVD records. Root cause: information disclosure via ca...
CVE-2017-1601
CVE-2017-1601 affects IBM Security Guardium Database Activity Monitor: vulnerable in versions 10.0, 10.0.1, and 10.1–10.1.4 where strong-password requirements are not enforced by default, enabling potential account compromise. The IBM bulletin enumerates the affected releases and provides remedia...
CVE-2016-0239
CVE-2016-0239 affects IBM Security Guardium Database Activity Monitor (versions 9.0, 9.1, 9.5 before p700; 10.0, 10.0.1 before p100). A remote authenticated attacker can issue an HTTP request with administrator privileges due to an improper authorization vulnerability. IBM’s bulletin lists remedi...
CVE-2016-0241
CVE-2016-0241 affects IBM Security Guardium Database Activity Monitor. Affected versions: 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100. Root cause: flaw in HTTP login request handling allowing remote authenticated users to spoof administrator accounts. Impact: u...
CVE-2016-0328
IBM Security Guardium Database Activity Monitor is affected by CVE-2016-0328: versions 8.2 before p310, 9.x up to 9.5 before p700, and 10.x up to 10.1 before p100 allow a local user to inject commands that would be executed with administrator privileges. The vulnerability is categorized as Execut...