CVE-2018-1368
MEDIUMIBM Security Guardium Database Activity Monitor <9.5 - Info Disclosure
Title source: llmDescription
IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Force ID: 137765.
References (3)
Core 3
Core References
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/137765
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg22013302
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040349
Scores
CVSS v3
4.4
EPSS
0.0029
EPSS Percentile
20.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-269
Status
published
Products (3)
ibm/security_guardium_database_activity_monitor
9.0
ibm/security_guardium_database_activity_monitor
9.1
ibm/security_guardium_database_activity_monitor
9.5
Published
Feb 09, 2018
Tracked Since
Feb 18, 2026