Plain Text Credential Storage in IBM Security Guardium Big Data Intelligence
CVE-2019-4307

5.1MEDIUM

Key Information:

Vendor

IBM
Status
Security Guardium Big Data Intelligence
Vendor
CVE Published:
29 October 2019

What is CVE-2019-4307?

IBM Security Guardium Big Data Intelligence (SonarG) version 4.0 contains a vulnerability that allows local users to access stored user credentials in plain text. This flaw enables unauthorized individuals to retrieve sensitive information, potentially compromising user accounts and data security. It is essential for organizations using this product to assess their exposure and implement necessary security measures to protect user details.

Affected Version(s)

Security Guardium Big Data Intelligence 4

References

https://www.ibm.com/support/pages/node/1096288
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/160987
vdb-entryx_refsource_XF

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.