CVE-2016-0241

8.8HIGH

Key Information:

Vendor: IBM
Status: Security Guardium Database Activity Monitor
Vendor: CVE Published:; 22 October 2016

Summary

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.

References

http://www.securityfocus.com/bid/93828

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21990219

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 22, 2016
Vulnerability Reserved
Dec 8, 2015