Hard-code credentials in IBM dashDB Local might be exploited by an attacker.
CVEID: CVE-2016-8954 DESCRIPTION: IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/118842 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
IBM dashDB Local v1.0.0 - v1.3.1.
Update to IBM dashDB Local v1.4.0 or later. For the procedure, see http://www.ibm.com/support/knowledgecenter/SS6NHC/com.ibm.swg.im.dashdb.doc/admin/local_updating.html.
None.