CVE-2016-0236
HIGHIBM Security Guardium Database Activity Monitor <10.1 - Command Inj...
Title source: llmDescription
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21990372
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93823
Scores
CVSS v3
8.8
EPSS
0.0255
EPSS Percentile
83.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-77
Status
published
Products (7)
ibm/security_guardium_database_activity_monitor
8.2
ibm/security_guardium_database_activity_monitor
9.0
ibm/security_guardium_database_activity_monitor
9.1
ibm/security_guardium_database_activity_monitor
9.5
ibm/security_guardium_database_activity_monitor
10.0
ibm/security_guardium_database_activity_monitor
10.1
ibm/security_guardium_database_activity_monitor
10.01
Published
Oct 21, 2016
Tracked Since
Feb 18, 2026