{"lastseen": "2020-09-21T14:24:28", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21990372", "http://www.securityfocus.com/bid/93823"], "scheme": null, "description": "IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field.", "edition": 3, "reporter": "cve@mitre.org", "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "published": "2016-10-21T17:59:00", "title": "CVE-2016-0236", "type": "cve", "enchantments": {"dependencies": {"references": [], "modified": "2020-09-21T14:24:28", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2020-09-21T14:24:28", "rev": 2}, "vulnersScore": 8.0}, "cwe": ["CWE-77"], "bulletinFamily": "NVD", "affectedSoftware": [{"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "9.0"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "10.01"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "10.0"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "9.1"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "9.5"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "10.1"}, {"cpeName": "ibm:security_guardium_database_activity_monitor", "name": "ibm security guardium database activity monitor", "operator": "eq", "version": "8.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvelist": ["CVE-2016-0236"], "modified": "2016-11-28T19:52:00", "cpe": ["cpe:/a:ibm:security_guardium_database_activity_monitor:10.1", "cpe:/a:ibm:security_guardium_database_activity_monitor:10.01", "cpe:/a:ibm:security_guardium_database_activity_monitor:9.1", "cpe:/a:ibm:security_guardium_database_activity_monitor:9.5", "cpe:/a:ibm:security_guardium_database_activity_monitor:9.0", "cpe:/a:ibm:security_guardium_database_activity_monitor:8.2", "cpe:/a:ibm:security_guardium_database_activity_monitor:10.0"], "id": "CVE-2016-0236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0236", "viewCount": 37, "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:10.01:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_guardium_database_activity_monitor:9.1:*:*:*:*:*:*:*"]}

{}