Vulnerabilities > IBM > Security Guardium

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-42004 Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection.
network
low complexity
ibm
8.8
2023-10-04 CVE-2022-43906 Unspecified vulnerability in IBM Security Guardium 11.5
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.
network
low complexity
ibm
5.3
2023-09-05 CVE-2022-43903 Unspecified vulnerability in IBM Security Guardium 10.6/11.3/11.4
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation.
network
low complexity
ibm
6.5
2023-08-28 CVE-2022-43904 Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.3/11.4
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts.
network
low complexity
ibm CWE-307
7.5
2023-08-27 CVE-2022-43907 OS Command Injection vulnerability in IBM Security Guardium 11.4
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
network
low complexity
ibm CWE-78
8.8
2023-08-27 CVE-2022-43909 Cross-site Scripting vulnerability in IBM Security Guardium 11.4
IBM Security Guardium 11.4 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-08-27 CVE-2023-30435 Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-08-27 CVE-2023-30436 Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2023-08-27 CVE-2023-30437 Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request.
network
low complexity
ibm
5.3
2023-08-27 CVE-2023-33852 SQL Injection vulnerability in IBM Security Guardium 11.4
IBM Security Guardium 11.4 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
5.4