Ibm Security Identity Governance And Intelligence

38 CVEs affecting Ibm Security Identity Governance And Intelligence. Latest disclosed: 2022-05-19. Critical: 1, High: 5.

Top CVEs affecting Ibm Security Identity Governance And Intelligence
CVESeverityScorePublishedSummary
CVE-2020-4958Critical9.82021-01-21IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consume…
CVE-2020-4795High8.22021-02-09IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IB…
CVE-2020-4245High7.52020-05-28IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attacker…
CVE-2020-4232High7.52020-05-28IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to a…
CVE-2018-1756High7.52018-09-07IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statemen…
CVE-2020-4246High7.12020-05-28IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attac…
CVE-2020-4790Medium6.52021-02-09IBM Security Identity Governance and Intelligence 5.2.6 could allow a user to cause a denial of service due to improperly validating a supplied URL, rendering…
CVE-2020-4968Medium6.52021-01-21IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensi…
CVE-2020-4249Medium6.52020-05-28IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect…
CVE-2020-4231Medium6.52020-05-28IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. I…
CVE-2017-1755Medium6.52018-08-06IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be execu…
CVE-2018-1947Medium6.12019-02-21IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2018-1945Medium6.12019-02-21IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the vict…
CVE-2020-4970Medium5.92022-05-19IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure…
CVE-2020-4969Medium5.92021-01-21IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable…
CVE-2018-1946Medium5.92019-02-21IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to…
CVE-2017-1411Medium5.92018-08-06IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easi…
CVE-2017-1366Medium5.92018-08-06IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decry…
CVE-2017-1395Medium5.92018-07-13IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused b…
CVE-2020-4996Medium5.52021-02-09IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentica…