Vulnerability in Ibm Security Identity Governance And Intelligence
CVE-2020-4232
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336.
EPSS: 0.011 (62.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Ibm Security Identity Governance And Intelligence — versions 5.2.6
- Ibm Security_identity_governance_and_intelligence — versions 5.2.6
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)
Frequently asked questions
- What is CVE-2020-4232?
- CVE-2020-4232 is a high-severity vulnerability in Ibm Security Identity Governance And Intelligence, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 7.5/10. Published 2020-05-28.
- How severe is CVE-2020-4232?
- High severity. CVSS v3 base score is 7.5 out of 10.