PT-2018-4590 · Ibm+1 · Ibm Security Guardium Database Activity Monitor+1

Chris Shepherd

Published

2018-03-12

Updated

2018-04-04

CVE-2016-0235

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Guardium Database Activity Monitor version 10

Description The issue allows local users to have an unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems.

Recommendations For IBM Security Guardium Database Activity Monitor version 10, consider changing the hardcoded password to a unique and secure password to prevent potential exploitation. As a temporary workaround, restrict access to the system to minimize the risk of unauthorized administrator access.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2016-0235

Affected Products

Grub

Ibm Security Guardium Database Activity Monitor

PT-2018-4590 · Ibm+1 · Ibm Security Guardium Database Activity Monitor+1

CVE-2016-0235

Weakness Enumeration

Related Identifiers

Affected Products

References · 4