Ibm Security Guardium Big Data Intelligence — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Guardium Big Data Intelligence, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2018-1372 — CVSS 9.8 (critical): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have strong passwords by default, which makes…
CVE-2019-4340 — CVSS 8.2 (high): IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML…
CVE-2018-1377 — CVSS 7.8 (high): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user…
CVE-2018-1373 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout setting that could allow a remote attacker to…
CVE-2019-4310 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout setting that could allow a remote attacker to…
CVE-2019-4314 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be…
CVE-2019-4339 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to…
CVE-2019-4338 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or…
CVE-2020-4254 — CVSS 7.5 (high): IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to…
CVE-2019-4306 — CVSS 6.5 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the…
CVE-2018-1376 — CVSS 6.1 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2018-1425 — CVSS 5.9 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to…
CVE-2018-1375 — CVSS 5.9 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after a successful authentication which could…
CVE-2019-4307 — CVSS 5.5 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in plain in clear text which can be read by a local user…
CVE-2019-4309 — CVSS 5.5 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could allow a local user to obtain highly…
CVE-2019-4311 — CVSS 5.3 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to unauthorized users. The information can be used…
CVE-2017-1774 — CVSS 5.3 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sensitive information to unauthorized users. The information can be used…
CVE-2019-4330 — CVSS 4.3 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause…
CVE-2017-1768 — CVSS 4.3 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an error message that includes sensitive information about its…
CVE-2019-4329 — CVSS 4.3 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass…
CVE-2018-1370 — CVSS 4.2 (medium): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security-critical resource in a way that allows that…
CVE-2018-1369 — CVSS 3.7 (low): IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensitive information in URL parameters. This may lead to information…