CVE-2017-1757SQL Injection in IBM Security Guardium

CWE-89SQL Injection3 documents3 sources
Severity
8.8HIGHNVD
EPSS
1.1%
top 22.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium
Timeline
PublishedDec 20
Latest updateMay 14

Description

IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/security_guardium5 versions+4
NVDibm/security_guardium5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-63vr-4mm9-2p4x: IBM Security Guardium 102022-05-14
CVEList
CVE-2017-1757: IBM Security Guardium 102017-12-20
CVE-2017-1757 — SQL Injection in IBM Security Guardium | cvebase