Lucene search
China National Vulnerability DatabaseCNVD-2023-66736HistoryAug 29, 2023 - 12:00 a.m.
IBM Security Guardium Command Execution Vulnerability (CNVD-2023-66736)
2023-08-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
ibm
security
guardium
command execution
vulnerability
data protection
remote attacker
arbitrary commands
version 11.4
0.001 Low
EPSS
Percentile
28.9%
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A command execution vulnerability exists in IBM Security Guardium version 11.4, which stems from the application’s failure to properly filter construct command special characters, commands, etc. An authenticated, remote attacker could exploit this vulnerability to execute arbitrary commands on the system by sending a specially crafted request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security guardium | eq | 11.4 |
Related
cvelist
cvelist
CVE-2022-43907 IBM Security Guardium command execution
2023-08-27 22:38:20
prion
prion
Design/Logic Flaw
2023-08-27 23:15:00
nvd
nvd
CVE-2022-43907
2023-08-27 23:15:28
cve
cve
CVE-2022-43907
2023-08-27 23:15:28
ibm
ibm