CVE-2016-0241
HIGHIBM Security Guardium Database Activity Monitor <10.1 - Privilege E...
Title source: llmDescription
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93828
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21990219
Scores
CVSS v3
8.8
EPSS
0.0180
EPSS Percentile
75.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (7)
ibm/security_guardium_database_activity_monitor
8.2
ibm/security_guardium_database_activity_monitor
9.0
ibm/security_guardium_database_activity_monitor
9.1
ibm/security_guardium_database_activity_monitor
9.5
ibm/security_guardium_database_activity_monitor
10.0
ibm/security_guardium_database_activity_monitor
10.1
ibm/security_guardium_database_activity_monitor
10.01
Published
Oct 22, 2016
Tracked Since
Feb 18, 2026