CVE-2019-4306
First published: Mon Oct 28 2019(Updated: )
IBM Security Guardium Big Data Intelligence (SonarG) specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that resource by unintended parties.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Guardium Big Data Intelligence | =4.0 | |
| <=4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-4306?
The severity of CVE-2019-4306 is medium with a severity value of 6.5.
How does IBM Security Guardium Big Data Intelligence (SonarG) 4.0 expose sensitive information?
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 exposes sensitive information by specifying permissions for a security-critical resource which could be accessed by unintended parties.
Is there a patch available for CVE-2019-4306?
Yes, there is a patch available for CVE-2019-4306. You can download it from this [link](https://gbdi-packages.jsonar.com/rhel7.x_IBM_Guardium_big_data_security_installer_4.1.0.tar.gz).
What is the CWE ID for CVE-2019-4306?
The CWE ID for CVE-2019-4306 is 668.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/description
- vendor/ibm
- canonical/ibm security guardium big data intelligence
- version/ibm security guardium big data intelligence/4.0
- canonical/ibm security guardium big data intelligence (sonarg)
- version/ibm security guardium big data intelligence (sonarg)/4.0