Lucene search
IBM8AAD3C5E81F9BE3BCACC2E68E614ED61F078D620B5EB09CC5E1536A4AF3F5148HistoryJan 20, 2021 - 9:17 a.m.
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4968)
2021-01-2009:17:35
www.ibm.com
8
ibm
security identity governance and intelligence
cve-2020-4968
unencryption vulnerability
data decryption
EPSS
0.001
Percentile
20.0%
Summary
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The vulnerability concerns the unencryption of data sent on RMI ports that could allow eavesdrop on communications.
Vulnerability Details
CVEID:CVE-2020-4968
**DESCRIPTION:**IBM Security Identity Governance Virtual Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192427 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Identity Governance and Intelligence | 5.2.6 |
Remediation/Fixes
| Product Name | VRMF | First Fix |
|---|---|---|
| IGI | 5.2.6 | 10.0.0.0-ISS-ISVG-IGVA-FP0000 |
Workarounds and Mitigations
None
Related
cvelist
cvelist
CVE-2020-4968
2021-01-21 14:00:27
cve
cve
CVE-2020-4968
2021-01-21 14:15:13
prion
prion
Design/Logic Flaw
2021-01-21 14:15:00
nvd
nvd
CVE-2020-4968
2021-01-21 14:15:13
EPSS
0.001
Percentile
20.0%
Related for 8AAD3C5E81F9BE3BCACC2E68E614ED61F078D620B5EB09CC5E1536A4AF3F5148