Lucene search
IBMBDF06C506697F0969218A56B34E4337ADFE2CC3539B05872B32499B6F0F1D419HistoryMay 26, 2021 - 6:10 p.m.
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4996)
2021-05-2618:10:56
www.ibm.com
8
ibm
security identity governance
intelligence
cve-2020-4996
vulnerability
sensitive data leakage
screenshots
isar apps
access manager
authentication credentials
cvss
affected products
versions
remediation
fixes
EPSS
0
Percentile
5.1%
Summary
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The vulnerability concerns sensitive data leakage via screenshots in ISAR Apps.
Vulnerability Details
CVEID:CVE-2020-4996
**DESCRIPTION:**IBM Security Access Manager could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192913 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Identity Governance and Intelligence | 5.2.6 |
Remediation/Fixes
Product Name
| VRMF| First Fix
—|—|—
IGI| 5.2.6| 10.0.0.0-ISS-ISVG-IGVA-FP0000
Workarounds and Mitigations
None
Related
nvd
nvd
CVE-2020-4996
2021-02-09 15:15:13
cvelist
cvelist
CVE-2020-4996
2021-02-09 14:50:24
prion
prion
Design/Logic Flaw
2021-02-09 15:15:00
cve
cve
CVE-2020-4996
2021-02-09 15:15:13