Exposure of Resource to Wrong Sphere

CVE-2019-4306

Medium

6.5/10

Summary

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security-critical resource which could lead to the exposure of sensitive information or the modification of that resource by unintended parties. IBM X-Force ID: 160986.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References

Advisory Timeline

Published Oct 29, 2019

Exposure of Resource to Wrong Sphere

CVE-2019-4306

Summary

CWE-668 - Exposure of Resource to Wrong Sphere

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS