CVE-2017-1597
First published: Thu Dec 13 2018(Updated: )
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM InfoSphere Guardium z/OS | >=10.0<=10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-1597?
The CVE-2017-1597 vulnerability has been assigned a high severity rating due to the lack of strong password requirements.
How do I fix CVE-2017-1597?
To fix CVE-2017-1597, implement strong password policies and configure the system to require complex passwords for user accounts.
What software versions are affected by CVE-2017-1597?
CVE-2017-1597 affects IBM Security Guardium versions 10.0 through 10.5.
What are the potential risks associated with CVE-2017-1597?
The risks associated with CVE-2017-1597 include unauthorized access to sensitive database activity due to compromised user accounts.
Is a patch available for CVE-2017-1597?
IBM recommends upgrading to a patched version of Security Guardium that enforces strong password requirements.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm infosphere guardium z/os
- version/ibm infosphere guardium z/os/10.0
- version/ibm infosphere guardium z/os/10.5