Incorrect Permission Management in IBM Security Guardium Big Data Intelligence
CVE-2018-1370

4.2MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 May 2018

Summary

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 contains a vulnerability that incorrectly specifies permissions for a security-sensitive resource. This misconfiguration can potentially allow unauthorized users to read or modify the resource, exposing critical data integrity risks and enabling inappropriate access within the system. Organizations utilizing this version should address the issue promptly to safeguard sensitive information from unintended actors.

Affected Version(s)

Security Guardium Big Data Intelligence 3.1

References

CVSS V3.1

Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.