CVE-2016-0241

CWE-284Improper Access Control10 documents4 sources
Severity
8.8HIGH
EPSS
0.6%
top 31.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium Database Activity Monitor
Timeline
PublishedOct 22
Latest updateMay 17

Description

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-xm2f-hpv7-49w8: IBM Security Guardium Database Activity Monitor 82022-05-17
CVEList
CVE-2016-0241: IBM Security Guardium Database Activity Monitor 82016-10-22

💬Community

7
Bugzilla
CVE-2016-1628 chromium-browser: out-of-bounds read in PDFium2016-02-22
Bugzilla
CVE-2016-1627 chromium-browser: various fixes from internal audits2016-02-10
Bugzilla
CVE-2016-1622 chromium-browser: same-origin bypass in Extensions2016-02-10
Bugzilla
CVE-2016-1626 chromium-browser: out-of-bounds read in PDFium2016-02-10
Bugzilla
CVE-2016-1625 chromium-browser: navigation bypass in Chrome Instant2016-02-10
CVE-2016-0241 (HIGH CVSS 8.8) | IBM Security Guardium Database Acti | cvebase.io