Lucene search

IbmCVELIST:CVE-2021-20385

HistoryMay 24, 2021 - 1:55 p.m.

CVE-2021-20385

2021-05-2413:55:37

ibm

www.cve.org

ibm

security guardium

remote command execution

CVSS3

8.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

50.1%

JSON

IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 195766.

CNA Affected

[
  {
    "product": "Security Guardium",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.2"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/195766

www.ibm.com/support/pages/node/6455281

CVSS3

8.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

50.1%

JSON

Related for CVELIST:CVE-2021-20385