CVE-2020-4604

Vulnerability

IBM Security Guardium Insights version 2.0.2 stores user credentials in plaintext (clear text) within the application's storage. This vulnerability allows any local user with sufficient privileges to read the stored credentials directly from the filesystem or memory. The affected version is explicitly 2.0.2 as stated in the advisory [1].

Exploitation

An attacker must have local access to the system running Guardium Insights and possess elevated privileges (e.g., root or administrative rights) to read the credential storage location. No network access or user interaction is required beyond gaining local privileged access. The attacker can then read the plaintext credentials from the storage medium.

Impact

Successful exploitation results in the disclosure of user credentials, including passwords or authentication tokens. This information disclosure can lead to unauthorized access to the Guardium Insights system and potentially other systems where the same credentials are reused. The confidentiality of stored credentials is compromised.

Mitigation

IBM has released a security bulletin [1] addressing this vulnerability. The recommended mitigation is to apply the latest fix pack or update provided by IBM for Guardium Insights. As of the publication date, no workaround is documented; users should upgrade to a patched version. Consult the IBM support page for specific version details.