CVE-2016-0240

Published: Oct 22, 2016Modified: May 6, 2026

3.7

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.2 / Impact: 1.4

Source: NVD

Description

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.

Affected (7)

Products: Ibm: Security Guardium Database Activity Monitor

Ibm

1 product

Security Guardium Database Activity Monitor

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Guardium Database Activity Monitor	Version 10.01
Ibm Security Guardium Database Activity Monitor	Version 10.0
Ibm Security Guardium Database Activity Monitor	Version 10.1
Ibm Security Guardium Database Activity Monitor	Version 8.2
Ibm Security Guardium Database Activity Monitor	Version 9.0
Ibm Security Guardium Database Activity Monitor	Version 9.1
Ibm Security Guardium Database Activity Monitor	Version 9.5

Related CWEs

CWE-254

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21990232

Source: psirt@us.ibm.com

PatchVDB Entry

http://www.securityfocus.com/bid/93836

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21990232

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVDB Entry

http://www.securityfocus.com/bid/93836

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.