Search Results | AttackerKB

Show filters

Topics 196 Users 9,725

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

196 Total Results

Displaying 171-180 of 196

Attacker Value

Unknown

CVE-2017-1757

Disclosure Date: December 20, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858.

0

Attacker Value

Unknown

CVE-2017-1257

Disclosure Date: December 20, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 124684.

0

Attacker Value

Unknown

CVE-2017-1271

Disclosure Date: December 07, 2017 (last updated November 26, 2024)

IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 124746.

0

Attacker Value

Unknown

CVE-2017-1267

Disclosure Date: July 21, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742.

0

Attacker Value

Unknown

CVE-2017-1254

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 124634.

0

Attacker Value

Unknown

CVE-2017-1264

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. IBM X-Force ID: 124739.

0

Attacker Value

Unknown

CVE-2017-1253

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 124633.

0

Attacker Value

Unknown

CVE-2017-1269

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744

0

Attacker Value

Unknown

CVE-2017-1256

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124678

0

Attacker Value

Unknown

CVE-2017-1258

Disclosure Date: July 05, 2017 (last updated November 26, 2024)

IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685

0