Description
IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480.
Related CPE's
a
ibm
big_sql
4
a
cloudera
data_platform
4
a
ibm
cloud_pak_for_data
7
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/220480
VDB EntryVendor Advisory
https://www.ibm.com/support/pages/node/6563021
Vendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2022-03-14T17:15:07.993
3 years agoLast modified
2022-03-22T14:40:36.893
3 years ago