Description

IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480.

Related CPE's

a

ibm

big_sql

4

a

cloudera

data_platform

4

a

ibm

cloud_pak_for_data

7

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/220480

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6563021

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/220480

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6563021

Vendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.5 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-03-14T16:15:07.993Z

3 years ago

Last modified

2024-11-21T05:46:41.287Z

1 year ago