VYPR

Security Guardium

by IBM

CVEs (137)

  • CVE-2023-47717May 16, 2024
    risk 0.00cvss epss 0.00

    IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.

  • CVE-2023-47711May 11, 2024
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. IBM X-Force ID: 271526.

  • CVE-2023-47712May 11, 2024
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.

  • CVE-2023-47709May 11, 2024
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 271524.

  • CVE-2023-42004Nov 28, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262.

  • CVE-2022-43906Oct 4, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.

  • CVE-2022-43903Sep 4, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.

  • CVE-2022-43904Aug 27, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.

  • CVE-2023-33852Aug 27, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.

  • CVE-2022-43909Aug 27, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: …

  • CVE-2022-43907Aug 27, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.

  • CVE-2023-30437Aug 27, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.

  • CVE-2023-30436Aug 27, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. …

  • CVE-2023-30435Aug 27, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2023-35893Aug 16, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 258824.

  • CVE-2022-43910Jul 19, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.

  • CVE-2022-43908Jul 19, 2023
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.

  • CVE-2022-22307Jun 15, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: 216753.

  • CVE-2023-0041Jun 5, 2023
    risk 0.00cvss epss 0.00

    IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.

  • CVE-2022-39166Dec 20, 2022
    risk 0.00cvss epss 0.01

    IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.

Page 3 of 7