CVE-2019-4306

CWE-668Exposure to Wrong Sphere3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 60.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium BIG Data Intelligence
Timeline
PublishedOct 29
Latest updateMay 24

Description

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that resource by unintended parties. IBM X-Force ID: 160986.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-4pmj-rrfm-63h4: IBM Security Guardium Big Data Intelligence (SonarG) 42022-05-24
CVEList
CVE-2019-4306: IBM Security Guardium Big Data Intelligence (SonarG) 42019-10-28
CVE-2019-4306 (MEDIUM CVSS 6.5) | IBM Security Guardium Big Data Inte | cvebase.io