John Haldeman

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium versions 10.6 through 11.2 **Description** The issue allows a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by a command injection vulnerability. **Recommendations** For IBM Security Guardium versions 10.6 through 11.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Security Guardium versions 10.6 through 11.2 **Description** The issue allows a remote attacker to send specially crafted SQL statements, potentially enabling them to view, add, modify, or delete information in the back-end database. **Recommendations** For IBM Security Guardium versions 10.6 through 11.2, consider restricting access to the database to minimize the risk of exploitation until a fix is available.