IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 | VDB Entry Vendor Advisory |
| https://www.ibm.com/support/pages/node/6995161 | Patch Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 | VDB Entry Vendor Advisory |
| https://www.ibm.com/support/pages/node/6995161 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 07:51
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 - VDB Entry, Vendor Advisory | |
| References | () https://www.ibm.com/support/pages/node/6995161 - Patch, Vendor Advisory |
29 Aug 2023, 05:02
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:ibm:guardium_cloud_key_manager:*:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| First Time |
Ibm guardium Cloud Key Manager
Ibm |
|
| References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 - VDB Entry, Vendor Advisory | |
| References | (MISC) https://www.ibm.com/support/pages/node/6995161 - Patch, Vendor Advisory | |
| CWE | CWE-79 |
28 Aug 2023, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-28 01:15
Updated : 2024-11-21 07:51
NVD link : CVE-2023-26270
Mitre link : CVE-2023-26270
CVE.ORG link : CVE-2023-26270
JSON object : View
Products Affected
ibm
- guardium_cloud_key_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')