CVE-2016-0241

HIGH

IBM Security Guardium Database Activity Monitor <10.1 - Privilege E...

Title source: llm
STIX 2.1

Description

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93828
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21990219

Scores

CVSS v3 8.8
EPSS 0.0180
EPSS Percentile 75.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-284
Status published
Products (7)
ibm/security_guardium_database_activity_monitor 8.2
ibm/security_guardium_database_activity_monitor 9.0
ibm/security_guardium_database_activity_monitor 9.1
ibm/security_guardium_database_activity_monitor 9.5
ibm/security_guardium_database_activity_monitor 10.0
ibm/security_guardium_database_activity_monitor 10.1
ibm/security_guardium_database_activity_monitor 10.01
Published Oct 22, 2016
Tracked Since Feb 18, 2026