Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Security_guardium
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 112 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-08-27 | CVE-2022-43907 | IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901. | Security_guardium | 8.8 | ||
| 2023-08-27 | CVE-2023-30435 | IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291. | Security_guardium | 5.4 | ||
| 2023-08-27 | CVE-2022-43909 | IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905. | Security_guardium | 5.4 | ||
| 2023-08-27 | CVE-2023-30436 | IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292. | Security_guardium | 5.4 | ||
| 2023-08-27 | CVE-2023-30437 | IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293. | Security_guardium | 5.3 | ||
| 2023-08-27 | CVE-2023-33852 | IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614. | Security_guardium | 5.4 | ||
| 2023-08-28 | CVE-2022-43904 | IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895. | Security_guardium | 7.5 | ||
| 2023-09-05 | CVE-2022-43903 | IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894. | Security_guardium | 6.5 | ||
| 2023-10-04 | CVE-2022-43906 | IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897. | Security_guardium | 5.3 | ||
| 2023-11-28 | CVE-2023-42004 | IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents. IBM X-Force ID: 265262. | Security_guardium | 8.8 |