- Description
- IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 3.7
- Impact score
- 1.4
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_guardium:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64C62744-22BD-4038-8257-822ADDAC370D"
},
{
"criteria": "cpe:2.3:a:ibm:security_guardium:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26EA5CC2-F4BE-4F22-AC85-1956EFA88B66"
},
{
"criteria": "cpe:2.3:a:ibm:security_guardium:9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37342DD2-055B-429C-9231-2D9FE70B5AE5"
},
{
"criteria": "cpe:2.3:a:ibm:security_guardium:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "552A0A69-388F-4842-A882-78F267D4BF09"
},
{
"criteria": "cpe:2.3:a:ibm:security_guardium:10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "148A8443-DF7A-42AA-8D86-128CCC1D871E"
},
{
"criteria": "cpe:2.3:a:ibm:security_guardium:10.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45E6B962-F8F8-4979-BC76-AE0B16EEB082"
}
],
"operator": "OR"
}
]
}
]