This page lists publicly disclosed CVE vulnerabilities affecting ibm guardium_data_protection (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-8405 | IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode. | [email protected] | 6.5 | 0.03% | 2026-05-27 | 2026-06-03 |
| CVE-2026-4919 | IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 4.8 | 0.02% | 2026-04-23 | 2026-04-27 |
| CVE-2026-4918 | IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | [email protected] | 5.5 | 0.02% | 2026-04-23 | 2026-04-27 |
| CVE-2026-4917 | IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to write arbitrary files on the system. | [email protected] | 4.9 | 0.01% | 2026-04-23 | 2026-04-27 |
| CVE-2026-1274 | IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel. | [email protected] | 4.9 | 0.01% | 2026-04-23 | 2026-04-27 |
| CVE-2026-1272 | IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel. | [email protected] | 2.7 | 0.02% | 2026-04-23 | 2026-04-27 |
| CVE-2025-36020 | IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information. | [email protected] | 5.9 | 0.10% | 2025-08-06 | 2025-08-13 |
| CVE-2025-3473 | IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions created by the program. | [email protected] | 6.7 | 0.01% | 2025-06-11 | 2025-08-13 |