PT-2021-3156 · IBM · IBM Security Guardium

Published: 2021-05-21 · Updated: 2021-05-25 · CVE-2021-20385

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.2

Description: The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. Successful exploitation can potentially impact the confidentiality, integrity, and availability of protected information.

Recommendations: For IBM Security Guardium version 11.2, consider restricting access to the system until a patch is available, and avoid using the system for sensitive operations. As a temporary workaround, consider disabling any functionality that allows remote authenticated attackers to send specially crafted requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS


Weakness Enumeration

Related Identifiers

BDU:2021-02826
CVE-2021-20385

Affected Products

IBM Security Guardium