CVE-2023-42004

Name of the Vulnerable Software and Affected Versions IBM Security Guardium versions 11.3 through 11.5

Description The issue is related to improper validation of csv file contents, which could allow a remote attacker to execute malicious commands. This is due to the lack of neutralization of elements in the CSV file.

Recommendations For versions 11.3 through 11.5, consider disabling the import of CSV files until a patch is available to prevent exploitation. Restrict access to the functionality that handles CSV file contents to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.