CVE-2019-4695
Description
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 171926.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM GDE 3.0.0.2 stores web pages locally, allowing another local user to read sensitive data from those cached pages.
Vulnerability
IBM Guardium Data Encryption (GDE) version 3.0.0.2 stores web pages locally on the system without adequate protection. This allows the content of those cached pages, which may contain sensitive information, to be read by another user on the same system. The vulnerability exists in the default configuration of GDE 3.0.0.2 [1].
Exploitation
An attacker must have local access to the system where GDE 3.0.0.2 is installed. No authentication or user interaction is required beyond being able to read the local file system where the web pages are stored. The attacker can simply navigate to the storage location and view the cached page contents [1].
Impact
By reading locally stored web pages, an attacker can obtain sensitive information that should have been restricted, leading to a breach of confidentiality. The impact is limited to information disclosure and does not grant elevated privileges or system control [1].
Mitigation
IBM has fixed this vulnerability in Guardium Data Encryption version 4.0.0.0. Users should upgrade to the latest version to receive the fix. No workarounds are documented for the affected version [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: = 3.0.0.2
- IBM/Security Guardium Data Encryptionv5Range: 3.0.0.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/171926mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6320817mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.