Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM82B35506B538E30FCA0715D08CDE212B0BF29AD74B3A2EE1808A56F77122D1D8
HistoryAug 31, 2020 - 9:06 p.m.

Security Bulletin: A security vulnerability has been fixed in IBM Security Identity Manager (CVE-2020-4538)

2020-08-3121:06:37
www.ibm.com
8
JSON

Summary

IBM Security Identity Manager has addressed the following vulnerability due to allowing a privileged local user to perform unauthorized actions

Vulnerability Details

CVEID:CVE-2020-4538
**DESCRIPTION:**IBM Security Identity Manager could allow a privileged local user to perform unauthorized actions due to reuse of another users JSESSIONID.
CVSS Base score: 6.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182913 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
ISIM 6.0.0

Remediation/Fixes

Affected Product / Version Fix availability
IBM Security Identity Manager 6.0.0 6.0.0-ISS-SIM-FP0023

Workarounds and Mitigations

None

Related

cve 1
cve
cve
CVE-2020-4538
2022-02-25 23:30:12
JSON
Related for 82B35506B538E30FCA0715D08CDE212B0BF29AD74B3A2EE1808A56F77122D1D8
cve1