CVE-2018-1373
Description
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 137773.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Guardium Big Data Intelligence (SonarG) 3.1 uses inadequate account lockout, enabling remote brute force attacks.
Vulnerability
IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 uses an inadequate account lockout setting, which allows an attacker to perform unlimited login attempts without triggering lockout [1]. This misconfiguration exists in the default configuration of the product.
Exploitation
An attacker can remotely send a high volume of authentication requests to the login interface without being blocked by account lockout mechanisms. No prior authentication or user interaction is required; the only requirement is network access to the affected service [1].
Impact
Successful brute force attacks can lead to unauthorized access, potentially compromising the confidentiality of sensitive data. The CVSS vector indicates high confidentiality impact, with no impact on integrity or availability [1].
Mitigation
IBM has released a fix as part of a cumulative update. Users should apply the latest patches provided by IBM for Guardium Big Data Intelligence (SonarG) 3.1. No workarounds are available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: =3.1
- IBM/Security Guardium Big Data Intelligencev5Range: 3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.ibm.com/support/docview.wssmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/103199mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1040453mitrevdb-entryx_refsource_SECTRACK
- exchange.xforce.ibmcloud.com/vulnerabilities/137773mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.