PT-2019-4650 · Ibm · Ibm Security Guardium Big Data Intelligence
Chris Shepherd
+5
·
Published
2019-10-23
·
Updated
2022-12-13
·
CVE-2019-4314
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Guardium Big Data Intelligence version 4.0
Description
The issue is related to the lack of protection for service data in the Security Guardium Big Data Intelligence software. This could allow a remote attacker to gain unauthorized access to protected information. The software stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Recommendations
For IBM Security Guardium Big Data Intelligence version 4.0, consider restricting access to the resource that stores sensitive information in cleartext to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Security Guardium Big Data Intelligence