74 matches found
EUVD-2020-25478
Malware in sbrugna...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability.
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. Hard coded credentials have been removed from the IBM Security Directory Integrator version used by IBM Security Identity Governance and Intelligence. Vulnerability...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to unauthenticated access resulting in various threats (CVE-2022-21496)
Summary IBM Security Identity Governance and Intelligence is vulnerable to sensitive information access, data manipulation and denial of service by an unauthenticated attacker due to a vulnerability in Java SE related to the JNDI component CVE-2022-21496. The fix includes upgrading Java SE and...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to sensitive information exposure (CVE-2021-35550)
Summary IBM Security Identity Governance and Intelligence is vulnerable to sensitive information access by an unauthenticated attacker due to a vulnerability in Java SE related to the JSSE component CVE-2021-35550. The fix includes upgrading Java SE and Liberty to patched versions. Vulnerability...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-4104)
Summary IBM Security Identity Governance and Intelligence ISIGI is vulnerable to arbitrary code execution due to Apache Log4j CVE-2021-4104. Apache Log4j is used as part of ISIGI's logging infrastructure. The fix includes Apache Log4j version 2.17.1. Vulnerability Details CVEID:CVE-2021-4104...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to exposure of sensitive information (CVE-2021-35603)
Summary IBM Security Identity Governance and Intelligence is vulnerable to exposure of sensitive information to an unauthenticated attacker due to a vulnerability in Java SE related to the JSSE component CVE-2021-35603. The fix includes upgrading Java SE to the patched version. Vulnerability...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to sensitive information disclosure (CVE-2020-4957)
Summary IBM Security Identity Governance and Intelligence could disclose sensitive information in URL parameters due to a vulnerability in the Bulk Data Load module CVE-2020-4957. This vulnerability is resolved by a code fix in the affected part of the product. Vulnerability Details CVEID:...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-14781)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns the JNDI component of Java SE. Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related t...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-10531)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns Open Source - 1 issues for icu. Vulnerability Details CVEID: CVE-2020-10531 DESCRIPTION: International Components for Unicode ICU for C/C...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-11868, CVE-2020-13817)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns Open Source - 2 issues for ntp. Vulnerability Details CVEID: CVE-2020-11868 DESCRIPTION: NTP is vulnerable to a denial of service, caused...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4996)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns sensitive data leakage via screenshots in ISAR Apps. Vulnerability Details CVEID: CVE-2020-4996 DESCRIPTION: IBM Security Access Manager...
IBM Security Identity Governance and Intelligence Denial of Service Vulnerability
IBM Security Identity Governance and Intelligence is an integrated identity management solution based on network devices. A denial of service vulnerability exists in IBM Security Identity Governance and Intelligence 5.2.6. The vulnerability arises from improper authentication of a supplied URL. A...
CVE-2020-4996
IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913...
CVE-2020-4995
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout which could allow a user to obtain sensitive information from another users' session. IBM X-Force ID: 192912...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4790)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns a possible denial of service, in IBM Security Access Request apps, due to improper signup data . Vulnerability Details CVEID: CVE-2020-47...
IBM Security Identity Governance and Intelligence Information Disclosure Vulnerability (CNVD-2021-06643)
IBM Security Identity Governance and Intelligence is an integrated identity management solution based on network devices. An information disclosure vulnerability exists in IBM Security Identity Governance and Intelligence 5.2.6. The vulnerability arises from failure to properly enable HTTP Strict...
IBM Security Identity Governance and Intelligence 后置链接漏洞
IBM Security Identity Governance and Intelligence is an integrated identity management solution based on network devices. An information disclosure vulnerability exists in IBM Security Identity Governance and Intelligence 5.2.6. The vulnerability stems from the product not setting security...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4969)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability is due to a HTTP Strict-Transport-Security header that is missing on pages where users are not authenticated. Vulnerability Details CVEID:...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4966)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns the fact that the cookies set by the IBM Security Identity Governance and Intelligence application are missing the SameSite attribute...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-4968)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. The vulnerability concerns the unencryption of data sent on RMI ports that could allow eavesdrop on communications. Vulnerability Details CVEID: CVE-2020-4968...