CVE-2019-4329: Input Validation
First published: Wed Oct 23 2019(Updated: )
IBM Security Guardium Big Data Intelligence (SonarG) uses incomplete blocklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Guardium Big Data Intelligence | =4.0 | |
| <=4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID is CVE-2019-4329.
What is the severity level of CVE-2019-4329?
The severity level of CVE-2019-4329 is medium.
How does CVE-2019-4329 impact the system and data integrity?
CVE-2019-4329 allows attackers to bypass application controls, resulting in a direct impact to the system and data integrity.
Which version of IBM Security Guardium Big Data Intelligence (SonarG) is affected by CVE-2019-4329?
IBM Security Guardium Big Data Intelligence (SonarG) version 4.0 is affected by CVE-2019-4329.
How can I fix CVE-2019-4329?
To fix CVE-2019-4329, you should apply the patch provided by IBM Security Guardium Big Data Intelligence (SonarG) version 4.1.0.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm security guardium big data intelligence
- version/ibm security guardium big data intelligence/4.0
- canonical/ibm security guardium big data intelligence (sonarg)
- version/ibm security guardium big data intelligence (sonarg)/4.0