CVE-2016-0249SQL Injection in IBM Security Guardium

CWE-89SQL Injection7 documents5 sources
Severity
8.6HIGHNVD
EPSS
0.4%
top 38.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium
Timeline
PublishedOct 16
Latest updateMay 17

Description

SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:LExploitability: 3.9 | Impact: 4.7

Affected Packages1 packages

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-rrh9-jpqp-xx8r: SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 82022-05-17
CVEList
CVE-2016-0249: SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 82016-10-16

💬Community

3
Bugzilla
CVE-2016-7033 JBoss bpms: stored XSS in dashbuilder2016-09-06
Bugzilla
CVE-2016-6344 JBoss bpms 6.3.x cookie does not set httponly2016-08-31
Bugzilla
CVE-2016-4434 tika: XML External Entity vulnerability2016-05-27
CVE-2016-0249 — SQL Injection in IBM Security Guardium | cvebase