Virsec Vulnerability Report

CVE-2020-4688: IBM Guardium - Command Injection

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides timely, relevant analysis about recent and notable security vulnerabilities.

1.1 Vulnerability Summary

IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by a command injection vulnerability.


1.2 CVSS Score

The CVSS base score of this vulnerability is 7.8 (High) according to NVD. Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

1.3 Affected Version

IBM Security Guardium 10.6 and 11.2

1.4 Vulnerability Attribution

This vulnerability was reported by IBM Corporation.

1.5 Risk Impact

IBM Security Guardium is used to prevent loss of sensitive data via database manipulation. A vulnerability in a product like Guardium opens the door to the most sensitive data of the top 100 enterprises.

A public exploit is not available.

1.6 Virsec Security Platform (VSP) Support:

The VSP-Web capability can detect all types of command injection attacks and prevent this vulnerability from being exploited.

1.7 Reference Links:

 
