Security Guardium@11.4 Security Vulnerabilities and Issues — Security Guardium@11.4 CVE List

Lucene search

IbmSecurity Guardium11.4

11 matches found

CVE•added 2023/08/27 11:15 p.m.•71 views

CVE-2022-43909

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.

5.4CVSS4.7AI score0.00135EPSS

CVE•added 2023/08/27 11:15 p.m.•71 views

CVE-2023-30435

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

8.9CVSS5.4AI score0.001EPSS

CVE•added 2023/08/27 11:15 p.m.•69 views

CVE-2023-30437

IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.

5.3CVSS5.1AI score0.00103EPSS

CVE•added 2023/08/27 11:15 p.m.•63 views

CVE-2023-33852

IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.

7.6CVSS6AI score0.00058EPSS

CVE•added 2023/08/28 12:15 a.m.•60 views

CVE-2022-43904

IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.

7.5CVSS7.3AI score0.00082EPSS

CVE•added 2023/08/27 11:15 p.m.•60 views

CVE-2023-30436

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.

5.5CVSS5.2AI score0.00096EPSS

CVE•added 2023/08/27 11:15 p.m.•57 views

CVE-2022-43907

IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.

8.8CVSS7.9AI score0.00101EPSS

CVE•added 2023/08/16 10:15 p.m.•55 views

CVE-2023-35893

IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.

9.9CVSS8.9AI score0.00201EPSS

CVE•added 2023/11/28 11:15 a.m.•54 views

CVE-2023-42004

IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.

8.8CVSS8.2AI score0.00121EPSS

CVE•added 2023/06/15 1:15 a.m.•52 views

CVE-2022-22307

IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: 216753.

7.8CVSS5.2AI score0.0002EPSS

CVE•added 2023/09/05 12:15 a.m.•52 views

CVE-2022-43903

IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.

6.5CVSS5.2AI score0.00035EPSS