IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to a security vulnerability. The Virtual Appliance could allow an attacker to enumerate usernames to find valid login credentials.
CVEID:CVE-2020-4232
**DESCRIPTION:**IBM Security Identity Governance Virtual Appliance could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175336 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Security Identity Governance and Intelligence | 5.2.6 |
Affected Product(s) | Version(s) | First Fix |
---|---|---|
IBM Security Identity Governance and Intelligence | 5.2.6 | 5.2.6.0-ISS-SIGI-FP0001 |
None