Information Disclosure Risk in IBM Security Guardium Big Data Intelligence
CVE-2018-1369
3.7LOW
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 29 May 2018
Summary
IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 has a vulnerability that exposes sensitive information through URL parameters. If unauthorized individuals gain access to these URLs—potentially stored in server logs, accessed through the referrer header, or found in browser history—there is a significant risk of data leakage. This issue underscores the importance of securing URL parameters to protect sensitive data.
Affected Version(s)
Security Guardium Big Data Intelligence 3.1
References
CVSS V3.1
Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved