Security Guardium Security Vulnerabilities and Issues — Security Guardium CVE List

Lucene search

IbmSecurity Guardium

12 matches found

CVE•added 2019/07/02 3:15 p.m.•71 views

CVE-2019-4292

IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.

8.8CVSS8.7AI score0.03721EPSS

CVE•added 2023/08/27 11:15 p.m.•71 views

CVE-2023-30435

IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

8.9CVSS5.4AI score0.001EPSS

CVE•added 2023/06/05 1:15 a.m.•63 views

CVE-2023-0041

IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.

8.8CVSS7.1AI score0.00048EPSS

CVE•added 2023/08/27 11:15 p.m.•57 views

CVE-2022-43907

IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.

8.8CVSS7.9AI score0.00101EPSS

CVE•added 2023/11/28 11:15 a.m.•54 views

CVE-2023-42004

IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.

8.8CVSS8.2AI score0.00121EPSS

CVE•added 2023/07/19 3:15 a.m.•46 views

CVE-2022-43910

IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.

8.4CVSS7.6AI score0.00021EPSS

CVE•added 2019/10/03 2:15 p.m.•43 views

CVE-2019-4422

IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768.

8.8CVSS8.4AI score0.0063EPSS

CVE•added 2017/12/20 6:29 p.m.•41 views

CVE-2017-1757

IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858.

8.8CVSS8.6AI score0.01075EPSS

CVE•added 2020/10/12 2:15 p.m.•41 views

CVE-2020-4689

IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.

8.5CVSS6.8AI score0.00784EPSS

CVE•added 2021/01/20 3:15 p.m.•41 views

CVE-2020-4921

IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398.

8.8CVSS8.6AI score0.00539EPSS

CVE•added 2016/10/16 9:59 p.m.•40 views

CVE-2016-0249

SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

8.6CVSS8.8AI score0.00408EPSS

CVE•added 2021/05/24 2:15 p.m.•34 views

CVE-2020-4990

IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 192710.

8.8CVSS8.6AI score0.00539EPSS