IBMADE13317CCCBBD3F1C112CAB75136C53D4B66B7B43A145A7EF0AF55CDC865B12Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by an Invalid Account Lockout vulnerability (CVE-2018-1373)
EPSS
Percentile
79.0%
Summary
IBM Security Guardium Big Data Intelligence (SonarG) has addressed the following vulnerability
Vulnerability Details
CVEID:CVE-2018-1373**
DESCRIPTION: *IBM Security Guardium Big Data Intelligence (SonarG) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/137773 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Affected IBM Security Guardium Big Data Intelligence (SonarG)
|
Affected Versions
—|—
IBM Security Guardium Big Data Intelligence (SonarG)| 3.1
Remediation/Fixes
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Security Guardium Big Data Intelligence (SonarG)| 3.2| An updated version of the product can be found on IBM’s Passport Advantage site here: <https://www-01.ibm.com/software/passportadvantage/pacustomers.html>
Workarounds and Mitigations
None
Related
EPSS
Percentile
79.0%