CVE-2018-1372
CRITICALIBM Security Guardium Big Data Intelligence - Info Disclosure
Title source: llmDescription
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 137772.
References (3)
Core 3
Core References
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/137772
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103237
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg22013832
Scores
CVSS v3
9.8
EPSS
0.0224
EPSS Percentile
80.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-521
Status
published
Products (1)
ibm/security_guardium_big_data_intelligence
3.1
Published
Feb 27, 2018
Tracked Since
Feb 18, 2026