Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm security guardium 10.1 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2017-1254
IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 124634.
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.0
6.4
CVSSv2
CVE-2017-1258
IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1
5
CVSSv2
CVE-2017-1264
IBM Security Guardium 10.0 does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. IBM X-Force ID: 124739.
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1.2
7.5
CVSSv2
CVE-2017-1269
IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
6.5
CVSSv2
CVE-2017-1253
IBM Security Guardium 10.0 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 124633.
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.2
4
CVSSv2
CVE-2016-0242
IBM Security Guardium 10.x up to and including 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message.
Ibm Security Guardium 10.01
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1
5
CVSSv2
CVE-2017-1255
IBM Security Guardium 10.0, 10.0.1, and 10.1 up to and including 10.1.4 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 124675.
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.3
Ibm Security Guardium 10.1.4
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1.2
4.3
CVSSv2
CVE-2016-0238
IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an malicious user to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
Ibm Security Guardium 10.1.2
Ibm Security Guardium 9.1
Ibm Security Guardium 10.0
Ibm Security Guardium 9.0
Ibm Security Guardium 10.1
Ibm Security Guardium 9.5
5
CVSSv2
CVE-2017-1267
IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742.
Ibm Security Guardium 9.1
Ibm Security Guardium 10.1.2
Ibm Security Guardium 9.5
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1
Ibm Security Guardium 9.0
2.1
CVSSv2
CVE-2016-0247
IBM Security Guardium 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 allows local users to obtain sensitive cleartext information via unspecified vectors, as demonstrated by password information.
Ibm Security Guardium 9.1
Ibm Security Guardium 9.5
Ibm Security Guardium 10.1
Ibm Security Guardium 10.01
Ibm Security Guardium 10.0
Ibm Security Guardium 8.2
Ibm Security Guardium 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »