CVE-2018-1370

Vulnerability

CVE-2018-1370 is a vulnerability in IBM Security Guardium Big Data Intelligence (SonarG) version 3.1. The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. The specific resource and the exact permission misconfiguration are not detailed in the available reference. According to the vendor advisory, the CVSS vector indicates network attack vector with high attack complexity and low privileges required [1].

Exploitation

An attacker with low privileges and network access can exploit the incorrect permission assignment. The attack complexity is high, meaning that specific conditions or a race window may be required. No user interaction is needed, and the attack can be performed over the network. The exact steps to trigger the vulnerability are not publicly disclosed in the advisory [1].

Impact

Successful exploitation allows an attacker to read or modify the critical resource, leading to a limited impact on confidentiality and integrity. The CVSS vector (AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N) indicates a low impact on both confidentiality and integrity, with no impact on availability. The attacker gains the ability to access or alter the targeted resource, potentially compromising the security of the deployment [1].

Mitigation

IBM has not released a fix or workaround in the advisory. The vendor states that no workarounds or mitigations are available. Users of IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 should monitor the vendor's security bulletin for updates. The advisory was published on May 25, 2018 [1].