Security Guardium@10.6 Security Vulnerabilities and Issues — Security Guardium@10.6 CVE List

Lucene search

IbmSecurity Guardium10.6

13 matches found

CVE•added 2023/08/16 10:15 p.m.•55 views

CVE-2023-35893

IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.

9.9CVSS8.9AI score0.00201EPSS

CVE•added 2022/11/03 8:15 p.m.•52 views

CVE-2021-39077

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.

4.4CVSS4.2AI score0.00009EPSS

CVE•added 2023/09/05 12:15 a.m.•52 views

CVE-2022-43903

IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.

6.5CVSS5.2AI score0.00035EPSS

CVE•added 2019/10/03 2:15 p.m.•43 views

CVE-2019-4422

IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768.

8.8CVSS8.4AI score0.0063EPSS

CVE•added 2021/01/20 3:15 p.m.•41 views

CVE-2020-4921

IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398.

8.8CVSS8.6AI score0.00539EPSS

CVE•added 2021/11/08 5:15 p.m.•34 views

CVE-2021-29735

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00102EPSS

CVE•added 2021/01/20 3:15 p.m.•33 views

CVE-2020-4688

IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. IBM X-Force ID: 186700.

7.8CVSS8.1AI score0.00138EPSS

CVE•added 2020/07/30 1:15 p.m.•31 views

CVE-2020-4185

IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2020/07/30 1:15 p.m.•31 views

CVE-2020-4186

IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804.

5.3CVSS4.9AI score0.00163EPSS

CVE•added 2020/06/03 3:15 p.m.•31 views

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851.

6.7CVSS6.5AI score0.00018EPSS

CVE•added 2020/08/26 7:15 p.m.•28 views

CVE-2018-1501

IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226.

7.5CVSS7AI score0.00154EPSS

CVE•added 2021/09/15 6:15 p.m.•28 views

CVE-2021-29773

IBM Security Guardium 10.6 and 11.3 could allow a remote authenticated attacker to obtain sensitive information or modify user details caused by an insecure direct object vulnerability (IDOR). IBM X-Force ID: 202865.

5.5CVSS5AI score0.00087EPSS

CVE•added 2020/06/23 6:15 p.m.•27 views

CVE-2020-4188

IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807.

5.3CVSS5.1AI score0.00163EPSS