Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3337 | 1 Ibm | 1 Infosphere Guardium | 2020-09-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284. | |||||
| CVE-2012-3338 | 1 Ibm | 1 Infosphere Guardium | 2020-09-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286. | |||||
| CVE-2012-3340 | 1 Ibm | 1 Infosphere Guardium | 2020-09-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291. | |||||
| CVE-2012-3341 | 1 Ibm | 1 Infosphere Guardium | 2020-09-03 | 3.5 LOW | 5.4 MEDIUM |
| IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 78294. | |||||
| CVE-2012-2204 | 1 Ibm | 1 Infosphere Guardium | 2020-02-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| InfoSphere Guardium aix_ktap module: DoS | |||||