Lucene search
IBM4AA5DD93B7E92A8170C0B4275E4D849AB14F44E401C6E19A6B0C56ED6FB03396HistoryDec 16, 2020 - 9:33 p.m.
Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server
2020-12-1621:33:29
www.ibm.com
7
0.001 Low
EPSS
Percentile
19.8%
Summary
A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.8.
Vulnerability Details
CVEID: CVE-2020-4843 DESCRIPTION: IBM Security Secret Server stores potentially sensitive information in config files that could be read by an authenticated user.
CVSS Base Score: 6.3
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/190048> for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Secret Server | All |
Remediation/Fixes
Upgrade IBM Security Secret Server to version 10.8 as per the instructions here.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security secret server | eq | 10.8 |
Related
cve
cve
CVE-2020-4843
2020-12-21 18:15:16
prion
prion
Information disclosure
2020-12-21 18:15:00
cvelist
cvelist
CVE-2020-4843
2020-12-16 00:00:00
nvd
nvd
CVE-2020-4843
2020-12-21 18:15:16
0.001 Low
EPSS
Percentile
19.8%
Related for 4AA5DD93B7E92A8170C0B4275E4D849AB14F44E401C6E19A6B0C56ED6FB03396