Incorrect Permission Management in IBM Security Guardium Big Data Intelligence
CVE-2018-1370
4.2MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 29 May 2018
Summary
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 contains a vulnerability that incorrectly specifies permissions for a security-sensitive resource. This misconfiguration can potentially allow unauthorized users to read or modify the resource, exposing critical data integrity risks and enabling inappropriate access within the system. Organizations utilizing this version should address the issue promptly to safeguard sensitive information from unintended actors.
Affected Version(s)
Security Guardium Big Data Intelligence 3.1
References
CVSS V3.1
Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved