PT-2022-9940 · Ibm · Ibm Security Guardium Insights
Published
2022-01-26
·
Updated
2023-08-08
·
CVE-2021-29846
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Guardium Insights version 3.0
Description
The issue allows an authenticated user to obtain sensitive information due to insufficient session expiration.
Recommendations
For IBM Security Guardium Insights version 3.0, consider implementing stricter session expiration policies to minimize the risk of sensitive information disclosure. As a temporary workaround, restrict access to sensitive data for authenticated users until a more permanent solution is available.
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Security Guardium Insights