Description
IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398.
CVSS breakdown
CVSS 3.0
Scope
Unchanged
Availability
Low
Privileges Required
Low
Attack Complexity
Low
Attack Vector
Network
User Interaction
None
Confidentiality
High
Integrity
Low
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / security_guardium10.6 – 10.6
- ibm / security_guardium11.2 – 11.2