IBM35A8DD13F90426522529323A2D7345CBC9F2200279FA83CE2B3B1F0836F8F554Security Bulletin: IBM Security Verify Privilege Vault Remote is vulnerable to local user security bypass (CVE-2020-4607)
EPSS
Percentile
5.1%
Summary
A vulnerability identified in IBM Security Verify Privilege Vault Remote previously known as IBM Security Secret Server Remote have been addressed in the release 1.3.
Vulnerability Details
CVEID:CVE-2020-4607
**DESCRIPTION:**IBM Security Secret Server could allow a local user to bypass security restrictions due to improper input validation.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184884 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
Affected Products and Versions
IBM Security Verify Privilege Vault Remote 1.2
Remediation/Fixes
Upgrade to the latest release available here.
Navigate to the section βDownloadable partβ in the link above to find:
CC7WXEN
|
IBM Security Verify Privilege Vault Remote On-Premises v1.3.2 Windows Install English
β|β
CC7WYEN| IBM Security Verify Privilege Vault Remote On-Premises v1.3.2 Mac Install English
Workarounds and Mitigations
None
Related
