{"containers": {"cna": {"affected": [{"product": "Security Guardium Data Encryption", "vendor": "IBM", "versions": [{"status": "affected", "version": "3.0.0.2"}]}], "datePublic": "2020-08-24T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 6.4, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/PR:N/I:N/AV:N/S:C/AC:L/UI:R/A:N/C:H/E:U/RC:C/RL:O", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Obtain Information", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-26T19:00:40.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/6320817"}, {"name": "ibm-gde-cve20194698-info-disc (171929)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171929"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-08-24T00:00:00", "ID": "CVE-2019-4698", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Security Guardium Data Encryption", "version": {"version_data": [{"version_value": "3.0.0.2"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "L", "AV": "N", "C": "H", "I": "N", "PR": "N", "S": "C", "UI": "R"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Obtain Information"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/6320817", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6320817 (Security Guardium Data Encryption)", "url": "https://www.ibm.com/support/pages/node/6320817"}, {"name": "ibm-gde-cve20194698-info-disc (171929)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171929"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:40:49.056Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/6320817"}, {"name": "ibm-gde-cve20194698-info-disc (171929)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171929"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2019-4698", "datePublished": "2020-08-26T19:00:40.413Z", "dateReserved": "2019-01-03T00:00:00.000Z", "dateUpdated": "2024-09-16T19:19:07.185Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0D13DA1-0053-4B56-8184-CA2AF1E84183", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:guardium_for_cloud_key_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B5AF11E-85CA-4452-AC70-AA9B83078653", "versionEndExcluding": "1.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929."}, {"lang": "es", "value": "IBM Security Guardium Data Encryption (GDE) versi\u00f3n 3.0.0.2, no requiere que los usuarios deban tener contrase\u00f1as seguras por defecto, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes comprometer las cuentas de los usuarios. IBM X-Force ID: 171929"}], "id": "CVE-2019-4698", "lastModified": "2024-11-21T04:44:01.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-26T19:15:13.767", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171929"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6320817"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6320817"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-521"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}