PT-2024-4810 · IBM · IBM Security Guardium
Published: 2024-05-23 · Updated: 2025-01-08 · CVE-2023-47710
CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions:
IBM Security Guardium versions 11.4 through 12.0
Description:
The issue exists because the Web UI does not sufficiently protect the structure of its web pages. A remote attacker can embed arbitrary JavaScript code in the Web UI, altering its intended functionality and potentially disclosing credentials within a trusted session.
Recommendations:
For versions 11.4 through 12.0, consider disabling the Web UI functionality until a patch is available to prevent potential exploitation. Restrict access to the Web UI to minimize the risk of credential disclosure within a trusted session.
Fix
XSS
OS Command Injection
Affected Products
IBM Security Guardium