IBM Guardium Data Protection Directory Traversal Vulnerability Allowing Arbitrary File Write
Vulnerability
A directory traversal vulnerability has been identified in IBM Guardium Data Protection version 12.1. This issue could allow an administrative user to traverse directories on the system. By sending a specially crafted URL request that includes 'dot dot' sequences, an attacker could potentially write arbitrary files on the system.
Impact
Exploitation of this vulnerability could lead to unauthorized file writing on the system, potentially allowing for further exploitation or manipulation of the application or server.
Remediation
Users are encouraged to update to the latest version of IBM Guardium Data Protection. Instructions for downloading the update are available on the IBM Support Fix Central website.
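For reviewing web request logs alongside the update, the following added example (not IBM's code and not part of the original advisory) flags requests whose URL contains 'dot dot' segments, including percent-encoded forms. It assumes access-log lines in common log format; the paths, user names and addresses in the sample are constructed and are not Guardium endpoints.

```python
import re
from urllib.parse import unquote

# Request line inside a common-log-format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 3  # catches double/triple percent-encoding


def fully_decode(value: str) -> str:
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_dot_dot(target: str) -> bool:
    """True if the path or any query value contains a '..' segment."""
    decoded = fully_decode(target).replace("\\", "/")
    # Split on path and query delimiters so 'name=../../x' is inspected too.
    segments = re.split(r"[/?&=;]", decoded)
    return ".." in segments


def find_traversal_requests(log_lines):
    """Return (line_number, method, raw_target) for each suspicious request."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_dot_dot(match.group("target")):
            hits.append((number, match.group("method"), match.group("target")))
    return hits


# Constructed sample lines (hypothetical paths, documentation IP range).
SAMPLE_LOG = [
    '192.0.2.10 - admin [01/Jan/2025:10:00:00 +0000] "GET /example/report?id=7 HTTP/1.1" 200 512',
    '192.0.2.10 - admin [01/Jan/2025:10:00:05 +0000] "POST /example/upload?name=../../tmp/x HTTP/1.1" 200 0',
    '192.0.2.11 - admin [01/Jan/2025:10:00:09 +0000] "POST /example/upload?name=%252e%252e%252fx HTTP/1.1" 200 0',
    '192.0.2.12 - admin [01/Jan/2025:10:00:12 +0000] "GET /example/v1..2/notes.txt HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```

The segment-based check avoids flagging names that merely contain two dots, such as `v1..2` in the last sample line.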
