Multiple vulnerabilities in IBM Security Guardium Insights
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2019-12399 CVE-2020-4175 CVE-2020-4167 CVE-2020-4603 CVE-2020-4171 CVE-2020-4169 CVE-2020-4174 CVE-2020-4172 |
| CWE-ID | CWE-200 CWE-300 CWE-287 CWE-269 CWE-327 CWE-664 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
IBM Security Guardium Insights Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU24240
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12399
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output within the Apache Kafka Connect REST API tasks endpoint. A remote authenticated user can issue a request to the same Connect cluster to obtain the connector's task configurations and the response will contain the plaintext secret.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Man-in-the-Middle (MitM) attack
EUVDB-ID: #VU65702
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4175
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to IBM Security Guardium Insights fails to properly enable HTTP Strict Transport Security. A remote unauthenticated attacker can exploit this vulnerability to obtain sensitive information using man in the middle techniques.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Authentication
EUVDB-ID: #VU65712
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4167
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests. A remote attacker can bypass authentication process and gain unauthorized access to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Privilege Management
EUVDB-ID: #VU65713
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4603
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to IBM Security Guardium Insights performs an operation at a privilege level that is higher than the minimum level required. A remote user can trigger the vulnerability to escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU65715
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4171
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote user can gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU65726
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4169
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to IBM Security Guardium Insights uses weaker than expected cryptographic algorithms. A remote unauthenticated attacker can use this vulnerability to decrypt highly sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU65724
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4174
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to IBM Security Guardium Insights uses weaker than expected cryptographic algorithms. A remote unauthenticated attacker can use this vulnerability to decrypt highly sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper control of a resource through its lifetime
EUVDB-ID: #VU65728
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-4172
CWE-ID:
CWE-664 - Improper control of a resource through its lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to IBM Security Guardium Insights stores sensitive information in URL parameters. A remote unauthenticated attacker with access to the URLs via server logs, referrer header or browser history can use this vulnerability to decrypt highly sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium Insights: 2.0 - 2.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium_insights:2.0.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6323297
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
