CVE-2018-1377
Description
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 137778.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plaintext, allowing a local user to read them.
Vulnerability
IBM Security Guardium Big Data Intelligence (SonarG) version 3.1 stores user credentials in plaintext. This vulnerability allows a local user to read the credentials from the system. The issue is identified as CVE-2018-1377. [1]
Exploitation
An attacker with local access to the system can read the plaintext credentials. No special privileges are required beyond local user access. The attacker can simply access the stored credential file or location. [1]
Impact
Successful exploitation leads to disclosure of user credentials, compromising confidentiality. The attacker gains knowledge of credentials that could be used to access other systems or escalate privileges. [1]
Mitigation
IBM has addressed this vulnerability. The reference does not specify a fixed version number. No workarounds are available. Users should apply the latest patches from IBM. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: = 3.1
- IBM/Security Guardium Big Data Intelligencev5Range: 3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.ibm.com/support/docview.wssmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/103213mitrevdb-entryx_refsource_BID
- exchange.xforce.ibmcloud.com/vulnerabilities/137778mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.