IBMFA9E0BB0275304247C2F92A177A8C58F906DAC0C26F2D2F9342CCA43EA4E36A7Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Weak password policy vulnerability (CVE-2018-1372)
EPSS
Percentile
71.4%
Summary
IBM Security Guardium Big Data Intelligence (SonarG) has addressed the following vulnerability.
Vulnerability Details
CVEID:CVE-2018-1372**
DESCRIPTION: *IBM Security Guardium Big Data Intelligence (SonarG) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/137772 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Affected IBM Security Guardium Big Data Intelligence (SonarG)
|
Affected Versions
—|—
IBM Security Guardium Big Data Intelligence (SonarG)| 3.1
Remediation/Fixes
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Security Guardium Big Data Intelligence (SonarG)| 3.2| An updated version of the product can be found on IBM’s Passport Advantage site here: <https://www-01.ibm.com/software/passportadvantage/pacustomers.html>
Workarounds and Mitigations
None
Related
EPSS
Percentile
71.4%