CVE-2026-4917 - Vulnerability Details

- IBM Guardium Data Protection is affected by multiple vulnerabilities

Description

IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to write arbitrary files on the system.

Published: 2026-04-22

Score: 4.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability in IBM Guardium Data Protection 12.1 allows an administrator who can send crafted HTTP requests to write files anywhere in the underlying operating system. Exploitation yields the ability to place arbitrary content, which could include malicious executables or configuration files, thereby compromising system integrity and potentially enabling further attacks. The weakness is a classic directory traversal flaw (CWE-22) and is limited to users with administrative privileges, but even an accidental misuse could damage critical data or create backdoors.

Affected Systems

Affected is IBM Guardium Data Protection version 12.1, including build 12.1.0 and any 12.1 release that has not applied the listed fix. The product is available for Linux platforms.

Risk and Exploitability

The CVSS score of 4.9 indicates a moderate impact, and the EPSS score of less than 1% suggests that analyst data does not show a high likelihood of active exploitation. The vulnerability is not listed in CISA's KEV catalog. Attackers would need to interact with the web interface as an administrative user and supply a URL containing "../" sequences to influence the file path. Once authenticated, the attacker can write files anywhere in the system tree, providing a foothold for further compromise.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

IBM

Guardium Data Protection

affected

Version	Status	Constraints
`12.1`	affected	—

Configuration 1 [-]

cpe:2.3:a:ibm:guardium_data_protection:12.1:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Ibm

Guardium Data Protection

90%

Version	Status	Scheme	Platform
`[12.1,12.1]`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

Vendor Solution

IBM encourages customers to update their systems promptly. ProductVersions FixIBM Guardium Data Protection12.1https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=12.1&platform=Linux&function=fixId&fixids=SqlGuard-12.0p140_Bundle&includeSupersedes=0&source=fc

OpenCVE Recommended Actions

Update IBM Guardium Data Protection to the latest available patch using IBM Fix Central or the IBM Security Quick Order service as documented in the official advisory
Limit access to the administrative web interface to trusted hosts or IP ranges, enforce strong network segmentation, and require multi‑factor authentication for administrators
Monitor system logs and web access for anomalous path traversal attempts and ensure that file creation outside designated directories is flagged or blocked

Generated by OpenCVE AI on April 28, 2026 at 15:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00022.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://www.ibm.com/support/pages/node/7270422

History

Thu, 23 Apr 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 23 Apr 2026 00:00:00 +0000

Type	Values Removed	Values Added
Description		IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to write arbitrary files on the system.
Title		IBM Guardium Data Protection is affected by multiple vulnerabilities
First Time appeared		Ibm Ibm guardium Data Protection
Weaknesses		CWE-22
CPEs		cpe:2.3:a:ibm:guardium_data_protection:12.1.0:::::::* cpe:2.3:a:ibm:guardium_data_protection:12.1:::::::*
Vendors & Products		Ibm Ibm guardium Data Protection
References		https://www.ibm.com/support/pages/node/7270422
Metrics		cvssV3_1 `{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N'}`

Subscriptions

Ibm Guardium Data Protection

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2026-04-22T23:27:45.961Z

Updated: 2026-04-23T16:24:06.376Z

Reserved: 2026-03-26T17:42:57.635Z

Link: CVE-2026-4917

Vulnrichment

Updated: 2026-04-23T14:04:37.008Z

NVD

Status : Analyzed

Published: 2026-04-23T00:16:46.293

Modified: 2026-04-27T18:13:46.847

Link: CVE-2026-4917

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T15:15:34Z

Weaknesses

CWE-22

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object