VYPR

Guardium Data Protection

by IBM

CVEs (7)

  • CVE-2026-8405MedMay 27, 2026
    risk 0.42cvss 6.5epss 0.00

    IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode.

  • CVE-2026-4918MedApr 23, 2026
    risk 0.36cvss 5.5epss 0.00

    IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a…

  • CVE-2026-4917MedApr 23, 2026
    risk 0.32cvss 4.9epss 0.00

    IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to write arbitrary files on the system.

  • CVE-2026-1274MedApr 23, 2026
    risk 0.32cvss 4.9epss 0.00

    IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel.

  • CVE-2026-4919MedApr 23, 2026
    risk 0.31cvss 4.8epss 0.00

    IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2026-1272LowApr 23, 2026
    risk 0.18cvss 2.7epss 0.00

    IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel.

  • CVE-2025-36020Aug 6, 2025
    risk 0.00cvss epss 0.00

    IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information.