CVE-2016-0239

CWE-2643 documents3 sources

Severity

8.8HIGH

EPSS

0.7%

top 27.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Guardium Database Activity Monitor

Timeline

PublishedOct 22

Latest updateMay 17

Description

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDibm/security_guardium_database_activity_monitor5 versions+4

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-w6pp-7xg6-46m3: IBM Security Guardium Database Activity Monitor 9↗2022-05-17

▶

CVEList

CVE-2016-0239: IBM Security Guardium Database Activity Monitor 9↗2016-10-22

▶