Description
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106236
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=swg22014231
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/132610
Scores
CVSS v3
5.9
EPSS
0.0202
EPSS Percentile
78.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-521
Status
published
Products (1)
ibm/security_guardium
10.0 - 10.5
Published
Dec 17, 2018
Tracked Since
Feb 18, 2026