Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID: 213858.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Guardium Data Encryption 安全漏洞
Vulnerability Description
IBM Guardium Data Encryption(GDE)是美国IBM公司的一个应用软件。提供一个数据安全和合规性解决方案。 IBM Guardium Data Encryption 4.0.0.0版本和5.0.0.0版本存在安全漏洞,该漏洞源于软件将用户的信息保存到以逗号作为分割符号的CSV表格文件中,但它对于在文件中可能被理解为命令的特殊元素缺少有效的过滤转义。攻击者可通过输入特殊元素利用该漏洞执行某些命令。
CVSS Information
N/A
Vulnerability Type
N/A