CVE-2017-1595Sensitive Information Exposure in IBM Security Guardium

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 83.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium
Timeline
PublishedDec 20
Latest updateMay 14

Description

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/security_guardium5 versions+4
NVDibm/security_guardium5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-9v3x-x3r4-pwmp: IBM Security Guardium 102022-05-14
CVEList
CVE-2017-1595: IBM Security Guardium 102017-12-20

💬Community

1
Bugzilla
CVE-2017-7658 jetty: Incorrect header handling2018-06-27
CVE-2017-1595 — Sensitive Information Exposure in IBM | cvebase