CVE-2023-47709: 
IBM Guardium Appliance vulnerability analysis and mitigation

IBM Security Guardium versions 11.3, 11.4, 11.5, and 12.0 are affected by a critical remote command execution vulnerability identified as CVE-2023-47709. The vulnerability was disclosed on May 14, 2024, and allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request (IBM Security Bulletin, NVD).

The vulnerability has received a CVSS v3.1 base score of 9.1 (Critical) from IBM Corporation and 8.8 (High) from NVD. The CVSS vector string is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, indicating that the vulnerability can be exploited over the network, requires low attack complexity, needs high privileges, and no user interaction. The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command Injection) (NVD).

If successfully exploited, this vulnerability allows an authenticated attacker to execute arbitrary commands on the affected system, potentially leading to complete system compromise. The impact ratings indicate high severity across confidentiality, integrity, and availability, meaning an attacker could potentially gain full control of the affected system (IBM X-Force).

IBM has released security patches to address this vulnerability. Affected customers are strongly encouraged to update their systems with the appropriate fixes available through IBM Fix Central. For version 11.3, apply SqlGuard11.0p6304January-Security-PatchV11.3; for 11.4, apply SqlGuard11.0p6404January-Security-PatchV11.4; for 11.5, apply SqlGuard11.0p6504January-Security-PatchV11.5; and for 12.0, apply SqlGuard12.0p6004January-Security-PatchV12.0 (IBM Security Bulletin).