SQL Injection in Ibm Infosphere_biginsights

CVE-2015-1889

The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary…

Vulnerability class: SQL Injection

EPSS: 0.016 (72.3th percentile) — read the EPSS interpretation.

Affected products

Ibm Infosphere_biginsights — versions 3.0.0.0, 3.0.0.1, 3.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-89 — SQL Injection

References

psirt@us.ibm.com (vdb-entry, x_refsource_SECTRACK)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)