Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Infosphere Guardium Security Vulnerabilities

cve
cve

CVE-2012-2204

InfoSphere Guardium aix_ktap module: DoS

5.5CVSS

5.6AI Score

0.0004EPSS

2020-02-10 04:15 PM
91
cve
cve

CVE-2012-3309

Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative acc...

7.2AI Score

0.002EPSS

2012-08-29 10:55 PM
35
cve
cve

CVE-2012-3312

The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

4.5AI Score

0.002EPSS

2012-08-29 10:55 PM
32
cve
cve

CVE-2012-3336

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282.

8.8CVSS

8.3AI Score

0.001EPSS

2020-09-01 04:15 PM
57
cve
cve

CVE-2012-3337

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284.

5.3CVSS

5.2AI Score

0.001EPSS

2020-09-01 04:15 PM
155
cve
cve

CVE-2012-3338

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286.

5.3CVSS

5.2AI Score

0.001EPSS

2020-09-01 05:15 PM
33
cve
cve

CVE-2012-3340

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.

4.3CVSS

4.2AI Score

0.001EPSS

2020-09-01 05:15 PM
23
cve
cve

CVE-2012-3341

IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of th...

5.4CVSS

5.5AI Score

0.001EPSS

2020-09-01 05:15 PM
39
cve
cve

CVE-2013-0490

Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors.

6.5AI Score

0.0004EPSS

2013-02-27 09:55 PM
18