CVE-2025-3440: 
IBM Guardium Appliance vulnerability analysis and mitigation

IBM Security Guardium 11.5 was identified with a stored cross-site scripting vulnerability (CVE-2025-3440), discovered and disclosed on May 15, 2025. The vulnerability affects the Web UI component of IBM Security Guardium Data Protection version 11.5 and 12.0 (IBM Security Bulletin, NVD Database).

The vulnerability is classified as a stored cross-site scripting (XSS) issue, identified as CWE-79 (Improper Neutralization of Input During Web Page Generation). It received a CVSS v3.1 base score of 5.5 MEDIUM with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N, indicating network accessibility with low attack complexity but requiring high privileges (NVD Database, Wiz Report).

The vulnerability enables privileged users to embed arbitrary JavaScript code in the Web UI, which can alter the intended functionality of the application. This could potentially lead to credentials disclosure within a trusted session (IBM Security Bulletin).

IBM has released fixes for both affected versions (11.5 and 12.0) and encourages customers to update their systems promptly. The fixes are available through IBM Fix Central for IBM Guardium Data Protection (IBM Security Bulletin).

The vulnerability was reported to IBM by security researcher Aaron Ramirez. IBM has acknowledged the report and addressed it through their security response process (IBM Security Bulletin).