High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-28	CVE-2023-42004	Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. network low complexity ibm CWE-1236	8.8
2023-08-28	CVE-2022-43904	Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.3/11.4 IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. network low complexity ibm CWE-307	7.5
2023-08-27	CVE-2022-43907	OS Command Injection vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. network low complexity ibm CWE-78	8.8
2023-08-16	CVE-2023-35893	OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. network low complexity ibm CWE-78	8.8
2023-07-19	CVE-2022-43910	Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. local low complexity ibm CWE-281	7.8
2023-06-15	CVE-2022-22307	Incorrect Authorization vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. local low complexity ibm CWE-863	7.8
2023-06-05	CVE-2023-0041	Insufficient Session Expiration vulnerability in IBM Security Guardium 11.5 IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. network low complexity ibm CWE-613	8.8
2021-09-23	CVE-2020-4690	Use of Hard-coded Credentials vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. network low complexity ibm CWE-798	7.5
2021-05-24	CVE-2021-20426	Use of Hard-coded Credentials vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. network low complexity ibm CWE-798	7.5
2021-03-15	CVE-2020-4184	Improper Privilege Management vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. network low complexity ibm CWE-269	7.5