Information Disclosure Vulnerability in IBM Security Guardium Insights
CVE-2021-29846

2.2LOW

Key Information:

Vendor: IBM
Status: Security Guardium Insights
Vendor: CVE Published:; 26 January 2022

Summary

IBM Security Guardium Insights 3.0 is vulnerable to an information disclosure issue that allows authenticated users to access sensitive information due to insufficient session expiration controls. This flaw can lead to unauthorized access to confidential user data, posing risks to data integrity and privacy. Immediate measures should be taken to mitigate this vulnerability and secure affected systems.

Affected Version(s)

Security Guardium Insights 3.0

References

https://www.ibm.com/support/pages/node/6550866

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/205256

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.2

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 26, 2022
Vulnerability Reserved
Mar 31, 2021