Description
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610.
CVSS breakdown
CVSS 3.0
Availability
None
Attack Complexity
High
Attack Vector
Network
Confidentiality
High
Integrity
None
Privileges Required
None
Scope
Unchanged
User Interaction
None
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / security_guardium10.0 – 10.0
- ibm / security_guardium10.0.1 – 10.0.1
- ibm / security_guardium10.1 – 10.1
- ibm / security_guardium10.1.2 – 10.1.2
- ibm / security_guardium10.1.3 – 10.1.3
- ibm / security_guardium10.1.4 – 10.1.4
- ibm / security_guardium10.5 – 10.5