CVE-2016-0241

Published: Oct 22, 2016Modified: May 6, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.

Affected (7)

Products: Ibm: Security Guardium Database Activity Monitor

Ibm

1 product

Security Guardium Database Activity Monitor

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Guardium Database Activity Monitor	Version 10.01
Ibm Security Guardium Database Activity Monitor	Version 10.0
Ibm Security Guardium Database Activity Monitor	Version 10.1
Ibm Security Guardium Database Activity Monitor	Version 8.2
Ibm Security Guardium Database Activity Monitor	Version 9.0
Ibm Security Guardium Database Activity Monitor	Version 9.1
Ibm Security Guardium Database Activity Monitor	Version 9.5

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21990219

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/93828

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21990219

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/93828

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.