CVE-2023-47717

IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.

CVE-2021-39078

IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589.

CVE-2022-39166

IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.

CVE-2021-39077

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.

CVE-2025-25023

IBM Security Guardium 11.4 and 12.1 could allow a privileged user to read any file on the system due to incorrect privilege assignment.

CVE-2025-25026

IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check.

CVE-2017-1257

IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 124684.

CVE-2016-0248

IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors.

CVE-2016-0242

IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message.

CVE-2018-1368

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Fo...

CVE-2021-20377

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569.

CVE-2016-0238

IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409

CVE-2020-4189

IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be used in further attacks against the system. IBM X-Force ID: 174850.

CVE-2020-4678

IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. IBM X-Force ID: 186423.

CVE-2021-20420

IBM Security Guardium 11.2 could disclose sensitive information due to reliance on untrusted inputs that could aid in further attacks against the system. IBM X-Force ID: 196281.

CVE-2020-4679

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424.

CVE-2020-4191

IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174852.