IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/220480 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6563021 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
22 Mar 2022, 14:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
References | (CONFIRM) https://www.ibm.com/support/pages/node/6563021 - Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/220480 - VDB Entry, Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
First Time |
Cloudera
Ibm big Sql Ibm Ibm cloud Pak For Data Cloudera data Platform |
|
CPE | cpe:2.3:a:ibm:cloud_pak_for_data:3.5:refresh_9:*:*:*:*:*:* cpe:2.3:a:ibm:big_sql:*:*:*:*:*:*:*:* cpe:2.3:a:cloudera:data_platform:7.1.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_3:*:*:*:*:*:* cpe:2.3:a:cloudera:data_platform:7.1.4:*:*:*:*:*:*:* cpe:2.3:a:ibm:big_sql:7.1.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:big_sql:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:big_sql:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:3.5:refresh_1:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_4:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:4.0:-:*:*:*:*:*:* cpe:2.3:a:cloudera:data_platform:7.1.7:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:3.5:-:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_data:4.0:refresh_1:*:*:*:*:*:* cpe:2.3:a:cloudera:data_platform:7.1.5:*:*:*:*:*:*:* |
14 Mar 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. |
14 Mar 2022, 17:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-14 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-22353
Mitre link : CVE-2022-22353
CVE.ORG link : CVE-2022-22353
JSON object : View
Products Affected
ibm
- big_sql
- cloud_pak_for_data
cloudera
- data_platform
CWE