Lucene search
IBM1B327B29D51BF09F8BA309E27C29950190C1C53CADDC21CA946D7B26132AB28EHistoryDec 02, 2020 - 9:14 p.m.
Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a 3rd party cryptographc vulnerability (CVE-2020-4254)
2020-12-0221:14:18
www.ibm.com
16
ibm security guardium
sonarg
cryptographic vulnerability
3rd party
fixed
download
version 4.2
EPSS
0.001
Percentile
43.8%
Summary
IBM Security Guardium Big Data Intelligence (SonarG) has fixed this vulnerability.
Vulnerability Details
CVEID:CVE-2020-4254
**DESCRIPTION:**IBM Security Guardium Big Data Intelligence (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175560 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Guardium Big Data Intelligence | 1.0 |
Remediation/Fixes
| Product | Versions | Fix |
|---|---|---|
| IBM Security Guardium Big Data Intelligence | 1.0 | https://gbdi-packages.jsonar.com/ |
| Please download version 4.2 |
Workarounds and Mitigations
None
Related
prion
prion
Code injection
2020-10-16 17:15:00
nvd
nvd
CVE-2020-4254
2020-10-16 17:15:13
cve
cve
CVE-2020-4254
2020-10-16 17:15:13
cvelist
cvelist
CVE-2020-4254
2020-10-16 16:40:18
EPSS
0.001
Percentile
43.8%
Related for 1B327B29D51BF09F8BA309E27C29950190C1C53CADDC21CA946D7B26132AB28E