CVE-2016-0236: Command Injection
First published: Fri Oct 21 2016(Updated: )
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM InfoSphere Guardium Database Activity Monitoring | =8.2 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =9.0 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =9.1 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =9.5 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =10.0 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =10.1 | |
| IBM InfoSphere Guardium Database Activity Monitoring | =10.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm infosphere guardium database activity monitoring
- version/ibm infosphere guardium database activity monitoring/8.2
- version/ibm infosphere guardium database activity monitoring/9.0
- version/ibm infosphere guardium database activity monitoring/9.1
- version/ibm infosphere guardium database activity monitoring/9.5
- version/ibm infosphere guardium database activity monitoring/10.0
- version/ibm infosphere guardium database activity monitoring/10.1
- version/ibm infosphere guardium database activity monitoring/10.01