Plain Text Credential Storage in IBM Security Guardium Big Data Intelligence
CVE-2019-4307

5.1MEDIUM

Key Information:

Vendor: IBM
Status: Security Guardium Big Data Intelligence
Vendor: CVE Published:; 29 October 2019

Summary

IBM Security Guardium Big Data Intelligence (SonarG) version 4.0 contains a vulnerability that allows local users to access stored user credentials in plain text. This flaw enables unauthorized individuals to retrieve sensitive information, potentially compromising user accounts and data security. It is essential for organizations using this product to assess their exposure and implement necessary security measures to protect user details.

Affected Version(s)

Security Guardium Big Data Intelligence 4

References

https://www.ibm.com/support/pages/node/1096288

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/160987

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 29, 2019
Vulnerability Reserved
Jan 3, 2019