PatchSiren cyber security CVE debrief
CVE-2026-8405 IBM CVE debrief
IBM Guardium Data Protection versions 12.2.1 and 12.2.2 contain an information disclosure vulnerability in the Long Term Retention (LTR) add-on feature. When debug mode is enabled, sensitive credentials may be exposed. The vulnerability is classified as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) and carries a CVSS 3.1 score of 6.5 (MEDIUM severity). The attack vector is network-based with low attack complexity, requiring low privileges but no user interaction. The confidentiality impact is rated HIGH, while integrity and availability impacts are NONE. This vulnerability was published to the NVD on 2026-05-27 and remains in 'Awaiting Analysis' status. IBM has published a security bulletin with remediation guidance.
- Vendor
- IBM
- Product
- Guardium Data Protection
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-27
- Original CVE updated
- 2026-05-27
- Advisory published
- 2026-05-27
- Advisory updated
- 2026-05-27
Who should care
Organizations running IBM Guardium Data Protection 12.2.1 or 12.2.2 with the Long Term Retention feature enabled, particularly those in regulated industries handling sensitive data subject to data protection requirements. Database security administrators, compliance officers, and infrastructure teams responsible for Guardium deployments should prioritize review.
Technical summary
The Long Term Retention (LTR) add-on feature in IBM Guardium Data Protection 12.2.1 and 12.2.2 exposes sensitive credentials when operating in debug mode. This represents an information disclosure weakness (CWE-200) where authentication material may become visible to authenticated users with low privileges. The vulnerability does not require user interaction to exploit and can be attacked over the network.
Defensive priority
medium
Recommended defensive actions
- Review IBM security bulletin for official patch availability and deployment instructions
- Audit Guardium Data Protection deployments to identify systems running affected versions 12.2.1 or 12.2.2
- Verify whether Long Term Retention (LTR) add-on is enabled in your environment
- Disable debug mode on LTR components if not required for active troubleshooting
- Monitor access logs for unauthorized credential access attempts
- Apply vendor-provided security updates when available per organizational change management procedures
Evidence notes
Vulnerability description sourced from official NVD record. CVSS vector confirms network attack vector with low privileges required. IBM PSIRT reference provides vendor acknowledgment. CPE criteria not yet populated in source record; product versions confirmed through description field.
Official resources
-
CVE-2026-8405 CVE record
CVE.org
-
CVE-2026-8405 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
2026-05-27