Weak Password Policy in IBM Intelligent Operations Center and Water Operations
CVE-2019-4321

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Intelligent Operations Center
Vendor: CVE Published:; 5 September 2019

Summary

IBM Intelligent Operations Center versions 5.1.0 through 5.2.0, along with IBM Intelligent Operations Center for Emergency Management versions 5.1.0 to 5.1.0.6 and IBM Water Operations for Waternamics versions 5.1.0 to 5.2.1.1, exhibit a vulnerability due to the absence of enforced strong password requirements. This oversight can lead to a heightened risk of unauthorized access, as attackers may easily compromise user accounts using weak or default passwords. Organizations utilizing these products should review their security practices and consider implementing stronger authentication measures to enhance protection against potential attacks. For further details, refer to IBM's support documentation and X-Force advisories.

Affected Version(s)

Intelligent Operations Center 5.1.0

Intelligent Operations Center 5.1.0.1

Intelligent Operations Center 5.1.0.2

References

http://www.ibm.com/support/docview.wss?uid=ibm10885901

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/161201

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 5, 2019
Vulnerability Reserved
Jan 3, 2019