Weak Password Policy in IBM Intelligent Operations Center and Water Operations
CVE-2019-4321

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
5 September 2019

Summary

IBM Intelligent Operations Center versions 5.1.0 through 5.2.0, along with IBM Intelligent Operations Center for Emergency Management versions 5.1.0 to 5.1.0.6 and IBM Water Operations for Waternamics versions 5.1.0 to 5.2.1.1, exhibit a vulnerability due to the absence of enforced strong password requirements. This oversight can lead to a heightened risk of unauthorized access, as attackers may easily compromise user accounts using weak or default passwords. Organizations utilizing these products should review their security practices and consider implementing stronger authentication measures to enhance protection against potential attacks. For further details, refer to IBM's support documentation and X-Force advisories.

Affected Version(s)

Intelligent Operations Center 5.1.0

Intelligent Operations Center 5.1.0.1

Intelligent Operations Center 5.1.0.2

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.