Weak Password Policy in IBM Intelligent Operations Center and Water Operations
CVE-2019-4321
Summary
IBM Intelligent Operations Center versions 5.1.0 through 5.2.0, along with IBM Intelligent Operations Center for Emergency Management versions 5.1.0 to 5.1.0.6 and IBM Water Operations for Waternamics versions 5.1.0 to 5.2.1.1, exhibit a vulnerability due to the absence of enforced strong password requirements. This oversight can lead to a heightened risk of unauthorized access, as attackers may easily compromise user accounts using weak or default passwords. Organizations utilizing these products should review their security practices and consider implementing stronger authentication measures to enhance protection against potential attacks. For further details, refer to IBM's support documentation and X-Force advisories.
Affected Version(s)
Intelligent Operations Center 5.1.0
Intelligent Operations Center 5.1.0.1
Intelligent Operations Center 5.1.0.2
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved