Vulnerability Name: | CVE-2017-1269 (CCN-124744) | ||||||||||||
Assigned: | 2016-11-30 | ||||||||||||
Published: | 2017-06-29 | ||||||||||||
Updated: | 2017-07-13 | ||||||||||||
Summary: | IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744 | ||||||||||||
CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
Vulnerability Type: | CWE-89 | ||||||||||||
Vulnerability Consequences: | Data Manipulation | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2017-1269 Source: CCN Type: IBM Security Bulletin 2004462 (Security Guardium) SQL Injection vulnerability affects IBM Security Guardium (CVE-2017-1269) Source: CONFIRM Type: Vendor Advisory http://www.ibm.com/support/docview.wss?uid=swg22004462 Source: BID Type: Third Party Advisory, VDB Entry 99361 Source: CCN Type: BID-99361 IBM Security Guardium CVE-2017-1269 Unspecified SQL Injection Vulnerability Source: MISC Type: Vendor Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/124744 Source: XF Type: UNKNOWN ibm-guardium-cve20171269-sql-injection(124744) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||
BACK |