2 matches found
CVE-2022-22353
CVE-2022-22353 affects IBM Big SQL on IBM Cloud Pak for Data (versions 7.1.1; 7.2.0–7.2.3) where a authenticated user with appropriate privileges can bypass data masking rules via CREATE TABLE AS/SELECT, resulting in leakage of sensitive data. The IBM Security Bulletin notes a software defect: da...
Security Bulletin: Data masking rules are not enforced when CREATE TABLE AS SELECT statement is executed in IBM Big SQL
Summary A software defect in IBM Big SQL prevents data masking rules to be enforced when a user executes CREATE TABLE AS SELECT … WITH DATA statement. The newly created table contains unmasked data. Vulnerability Details CVEID:CVE-2022-22353 DESCRIPTION: IBM Big SQL could allow an authenticated...