CVE-2021-39022
published 2022-03-10CVE-2021-39022: IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | guardium_data_encryption | — | — |
| ibm | guardium_data_encryption | — | — |
| ibm | security_guardium_data_encryption | — | — |
| ibm | security_guardium_data_encryption | — | — |