Vulnerabilities > IBM > Security Guardium > 10.1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-05 | CVE-2017-1264 | Improper Authentication vulnerability in IBM Security Guardium IBM Security Guardium 10.0 does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. | 7.5 |
| 2017-07-05 | CVE-2017-1254 | XXE vulnerability in IBM Security Guardium IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2017-07-05 | CVE-2017-1253 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 9.9 |
| 2017-07-05 | CVE-2017-1269 | SQL Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. | 9.8 |
| 2017-07-05 | CVE-2017-1258 | Improper Authentication vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. | 6.5 |
| 2017-07-05 | CVE-2016-0238 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. | 3.7 |
| 2017-04-20 | CVE-2017-1122 | Unspecified vulnerability in IBM Security Guardium IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. | 7.4 |
| 2017-02-01 | CVE-2016-6065 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root. | 7.8 |