Vulnerabilities > IBM > Security Guardium > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-24 | CVE-2021-20385 | Unspecified vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 7.2 |
| 2021-05-24 | CVE-2021-20389 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user. | 7.8 |
| 2021-05-24 | CVE-2021-20419 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-05-24 | CVE-2021-20557 | OS Command Injection vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 7.2 |
| 2021-03-15 | CVE-2020-4184 | Improper Privilege Management vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.3 |
| 2021-01-27 | CVE-2020-4952 | Unspecified vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. | 8.8 |
| 2021-01-20 | CVE-2020-4921 | SQL Injection vulnerability in IBM Security Guardium 10.6/11.2 IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. | 8.8 |
| 2021-01-20 | CVE-2020-4688 | Command Injection vulnerability in IBM Security Guardium 10.6/11.2 IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. | 7.8 |
| 2020-08-26 | CVE-2018-1501 | Missing Authentication for Critical Function vulnerability in IBM Security Guardium 10.5/10.6/11.0 IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. | 7.5 |
| 2020-07-30 | CVE-2020-4185 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 10.5/10.6/11.1 IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |