Security Guardium Security Vulnerabilities and Issues — Security Guardium CVE List

Lucene search

IbmSecurity Guardium

19 matches found

CVE•added 2023/07/19 2:15 a.m.•56 views

CVE-2022-43908

IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.

6.5CVSS5.2AI score0.00045EPSS

CVE•added 2024/05/14 1:56 p.m.•55 views

CVE-2023-47711

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. IBM X-Force ID: 271526.

6.5CVSS6.2AI score0.00036EPSS

CVE•added 2023/09/05 12:15 a.m.•52 views

CVE-2022-43903

IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.

6.5CVSS5.2AI score0.00035EPSS

CVE•added 2022/06/29 4:15 p.m.•51 views

CVE-2021-39074

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.8AI score0.00131EPSS

CVE•added 2017/12/20 6:29 p.m.•50 views

CVE-2017-1262

IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web ...

6.1CVSS6.1AI score0.0032EPSS

CVE•added 2024/12/19 6:15 p.m.•47 views

CVE-2024-49336

IBM Security Guardium 11.5 and 12.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

6.5CVSS5.8AI score0.00042EPSS

CVE•added 2016/06/29 1:59 a.m.•45 views

CVE-2016-0298

Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL.

6.5CVSS5.9AI score0.00362EPSS

CVE•added 2025/05/28 2:15 a.m.•42 views

CVE-2025-25029

IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input.

6.5CVSS4.9AI score0.00034EPSS

CVE•added 2025/06/11 3:15 p.m.•42 views

CVE-2025-3473

IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions created by the program.

6.7CVSS6.9AI score0.00013EPSS

CVE•added 2017/07/05 1:29 p.m.•41 views

CVE-2017-1256

IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124678

6.1CVSS5.8AI score0.0032EPSS

CVE•added 2020/06/04 2:15 p.m.•38 views

CVE-2020-4183

IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174739.

6.1CVSS5.8AI score0.00188EPSS

CVE•added 2018/12/13 4:29 p.m.•37 views

CVE-2018-1817

IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150021.

6.1CVSS5.8AI score0.00166EPSS

CVE•added 2021/05/24 2:15 p.m.•37 views

CVE-2021-20386

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195767.

6.1CVSS6AI score0.00166EPSS

CVE•added 2017/07/05 1:29 p.m.•35 views

CVE-2017-1258

IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685

6.5CVSS6.5AI score0.00178EPSS

CVE•added 2020/06/03 3:15 p.m.•34 views

CVE-2020-4182

6.1CVSS5.8AI score0.00247EPSS

CVE•added 2016/10/22 3:59 a.m.•33 views

CVE-2016-0246

Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

6.1CVSS5.8AI score0.00225EPSS

CVE•added 2020/06/03 3:15 p.m.•31 views

CVE-2020-4190

IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174851.

6.7CVSS6.5AI score0.00018EPSS

CVE•added 2020/06/03 3:15 p.m.•30 views

CVE-2020-4307

IBM Security Guardium 11.1 could allow an attacker on the same network to gain access to the Solr dashboard and cause a denial of service attack. IBM X-Force ID: 176997.

6.5CVSS6.5AI score0.00161EPSS

CVE•added 2021/09/15 6:15 p.m.•26 views

CVE-2021-20433

IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345.

6.5CVSS5.9AI score0.00186EPSS