Skip to main content

IBM Guardium Data Protection CVE-2026-1274

| EUVDEUVD-2026-25123 MEDIUM
Business Logic Errors (CWE-840)
2026-04-23 psirt@us.ibm.com GHSA-67vv-8p72-p8fq
4.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

4
Analysis Generated
Apr 23, 2026 - 07:01 vuln.today
EUVD ID Assigned
Apr 23, 2026 - 00:22 euvd
EUVD-2026-25123
Analysis Generated
Apr 23, 2026 - 00:22 vuln.today
CVE Published
Apr 23, 2026 - 00:16 nvd
MEDIUM 4.9

DescriptionCVE.org

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel.

AnalysisAI

IBM Guardium Data Protection versions 12.0, 12.1, and 12.2 contain an authentication bypass vulnerability in the access management control panel that allows high-privilege users to circumvent business logic controls and modify access policies without proper authorization constraints. The vulnerability requires administrative credentials to trigger but results in unauthorized privilege escalation or policy modification within the management interface. No public exploit code or active exploitation has been identified at the time of analysis.

Technical ContextAI

This vulnerability exists in the access management control panel of IBM Guardium Data Protection, a database security and compliance solution. The flaw is classified as CWE-840 (Business Logic Errors), indicating a failure in the application's authorization logic rather than a traditional memory corruption or injection attack. The vulnerability affects the administrative interface layer where access policies and user privileges are managed. The CVSS vector (AV:N/AC:L/PR:H/UI:N/S:U) indicates that while network access is required, the attack necessitates high-privilege authentication (PR:H), meaning only administrative or highly-privileged account holders can exploit this bypass. The integrity impact (I:H) suggests unauthorized modification of access control settings is possible.

RemediationAI

IBM has released fixes for this vulnerability; apply the patched versions immediately via IBM's official patch deployment process. Upgrade IBM Guardium Data Protection to a version beyond 12.2 (version 13.0 or later if available, or the next maintenance release following 12.2.x.x with the security patch). Detailed patching instructions and version numbers are available at https://www.ibm.com/support/pages/node/7269445. As an interim compensating control pending patch deployment, restrict administrative console access to a minimal set of trusted users, implement network segmentation to limit administrative access to the management interface from specific IP ranges or VLANs, enforce multi-factor authentication for all administrative accounts accessing Guardium, and enable comprehensive audit logging of all access control policy changes to detect unauthorized modifications. Monitor administrative activity logs for unusual policy changes that could indicate exploitation. Note that these controls reduce but do not eliminate risk - patching is required for full remediation.

Share

CVE-2026-1274 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy