PT-2016-4108 · Ibm · Ibm Security Guardium Database Activity Monitor
Chris Shepherd
+6
·
Publicado
2016-10-22
·
Atualizado
2016-11-28
·
CVE-2016-0241
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Security Guardium Database Activity Monitor versions 8.2 before p310
IBM Security Guardium Database Activity Monitor versions 9.x through 9.5 before p700
IBM Security Guardium Database Activity Monitor versions 10.x through 10.1 before p100
Description
The issue allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
Recommendations
For versions 8.2 before p310, update to a version that includes patch p310 or later.
For versions 9.x through 9.5 before p700, update to a version that includes patch p700 or later.
For versions 10.x through 10.1 before p100, update to a version that includes patch p100 or later.
Correção
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Security Guardium Database Activity Monitor