CVE-2018-1369

Name of the Vulnerable Software and Affected Versions IBM Security Guardium Big Data Intelligence (SonarG) version 3.1

Description The issue concerns the storage of sensitive information in URL parameters, which could lead to information disclosure if unauthorized parties gain access to the URLs through server logs, referrer headers, or browser history.

Recommendations For IBM Security Guardium Big Data Intelligence (SonarG) version 3.1, consider modifying the application to avoid storing sensitive information in URL parameters as a temporary workaround. Restrict access to server logs and ensure proper handling of referrer headers and browser history to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.