CVE-2016-0328

CWE-77 — Command Injection3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 65.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Guardium Database Activity Monitor

Timeline

PublishedOct 22

Latest updateMay 17

Description

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDibm/security_guardium_database_activity_monitor7 versions+6

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-fm27-fvhq-2r52: IBM Security Guardium Database Activity Monitor 8↗2022-05-17

▶

CVEList

CVE-2016-0328: IBM Security Guardium Database Activity Monitor 8↗2016-10-22

▶