Arbitrary Command Execution Vulnerability in IBM Security Guardium

CVE-2023-47709

9.1CRITICAL

Key Information

Vendor: IBM
Status: Security Guardium
Vendor: Published:; 14 May 2024

Summary

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 271524.

Affected Version(s)

Security Guardium = 11.3, 11.4, 11.5, 12.0

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

CHANGED

Timeline

Vulnerability published.
May 14, 2024
Vulnerability Reserved.
Nov 9, 2023

Collectors

NVD DatabaseMitre Database