CVE-2016-0238

IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ibmsecurity_guardium
9.0
ibmsecurity_guardium
9.1
ibmsecurity_guardium
9.5
ibmsecurity_guardium
10.0
ibmsecurity_guardium
10.1
ibmsecurity_guardium
10.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg21989124
http://www.securityfocus.com/bid/99379
https://exchange.xforce.ibmcloud.com/vulnerabilities/110409
http://www.ibm.com/support/docview.wss?uid=swg21989124
http://www.securityfocus.com/bid/99379
https://exchange.xforce.ibmcloud.com/vulnerabilities/110409