Information Disclosure Risk in IBM Security Guardium Big Data Intelligence
CVE-2018-1369

3.7LOW

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 May 2018

Summary

IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 has a vulnerability that exposes sensitive information through URL parameters. If unauthorized individuals gain access to these URLs—potentially stored in server logs, accessed through the referrer header, or found in browser history—there is a significant risk of data leakage. This issue underscores the importance of securing URL parameters to protect sensitive data.

Affected Version(s)

Security Guardium Big Data Intelligence 3.1

References

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.