IBMAA2A9651907C28CB61091E48449F090780E9B0476C7CD2CD307A855D1AFFEA3ASecurity Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Hazardous Input Validation vulnerability
EPSS
Percentile
19.6%
Summary
IBM Security Guardium Big Data Intelligence (SonarG) has addressed the following vulnerability.
Vulnerability Details
CVEID: CVE-2019-4329 DESCRIPTION: IBM Security Guardium Big Data Intelligence (SonarG) uses incomplete blocklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/161209> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
Affected Products and Versions
Affected IBM Security Guardium Big Data Intelligence (SonarG)
|
Affected Versions
—|—
IBM Security Guardium Big Data Intelligence (SonarG) | 4.0
Remediation/Fixes
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Security Guardium Big Data Intelligence (SonarG) | 4.0 | rhel7.x_IBM_Guardium_big_data_security_installer_4.1.0.tar.gz
Workarounds and Mitigations
None
Related
EPSS
Percentile
19.6%