Versions
11.1
11.3, 11.4, 11.5, 12.0
11.3, 11.4, 11.5
10.6
10.5, 10.6, 11.0, 11.1, 11.2, 11.3, 11.4
10.1.3
11.3, 11.4
12.0
11.4
11.4, 11.5, 12.0
10.1
11.5
9.0
10.0
10.1.2
9.1
11.3
10.1.4
10
9.5
11.0
8.2, 9.0, 9.1, 10.0, 10, 9.5, 10.0.1, 10.1, 10.1.2
10.5
10.6, 11.3, 11.4, 11.5
11.2
10.6, 11.3, 11.4
10.0.1
Recent CVEs
CVE-2024-49336
IBM Security Guardium 11.5 and 12.0 are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2023-47710
IBM Security Guardium 11.4, 11.5, and 12.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271525.
CVE-2023-47717
IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.
CVE-2023-47711
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. IBM X-Force ID: 271526.
CVE-2023-47712
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
CVE-2023-47709
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 271524.
CVE-2022-43906
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.
CVE-2023-0041
IBM Security Guardium 11.5 could allow a user to take over another user's session due to insufficient session expiration. IBM X-Force ID: 243657.