CVE-2016-0238: Infoleak
First published: Wed Jul 05 2017(Updated: )
IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Guardium | =9.0 | |
| IBM Security Guardium | =9.1 | |
| IBM Security Guardium | =9.5 | |
| IBM Security Guardium | =10.0 | |
| IBM Security Guardium | =10.1 | |
| IBM Security Guardium | =10.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/weakness
- agent/description
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm security guardium
- version/ibm security guardium/9.0
- version/ibm security guardium/9.1
- version/ibm security guardium/9.5
- version/ibm security guardium/10.0
- version/ibm security guardium/10.1
- version/ibm security guardium/10.1.2