CVE-2021-39025
Description
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 could disclose internal IP addresses when the web backend is down.
Vulnerability
IBM Guardium Data Encryption (GDE) versions 4.0.0.0 and 5.0.0.0 contain an information exposure vulnerability where internal IP address information can be disclosed when the web backend is down. Affected components include Guardium Cloud Key Manager (GCKM) 1.10.1 and lower, CipherTrust Tokenization Server (CT-VL) 2.6.3 and lower, and Guardium Data Encryption Server (DSM) 4.0.0.7 and lower [1].
Exploitation
The vulnerability can be exploited by an unauthenticated attacker with network access to the affected system. The attack complexity is low, and no privileges or user interaction are required [1]. The specific sequence involves inducing a web backend failure, which leads to the exposure of internal IP addresses.
Impact
Successful exploitation results in the disclosure of internal IP addresses, potentially aiding an attacker in mapping the internal network. The confidentiality impact is low, and there is no impact on integrity or availability [1].
Mitigation
IBM has released updated versions to address this vulnerability. Users should apply the latest available version for their specific component. No workarounds or mitigations are listed [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 4.0.0.0, 5.0.0.0
- IBM/Security Guardium Data Encryptionv5Range: 4.0.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/213863mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6562169mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.