A vulnerability was found in IBM Security Guardium Database Activity Monitor 10 (Policy Management Software). It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component Cache. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality. The summary by CVE is:

IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. IBM X-Force ID: 110328.

The bug was discovered 06/06/2016. The weakness was shared 03/12/2018 (Website). It is possible to read the advisory at exchange.xforce.ibmcloud.com. This vulnerability is known as CVE-2016-0237 since 12/08/2015. The exploitation appears to be easy. Attacking locally is a requirement. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1592 according to MITRE ATT&CK.

The vulnerability was handled as a non-public zero-day exploit for at least 644 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entry 114378 is related to this item.

Productinfo

Type

• Policy Management Software

Vendor

• IBM

Name

• Security Guardium Database Activity Monitor

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion