2 matches found
CVE-2020-4970
CVE-2020-4970 affects IBM Security Identity Governance and Intelligence versions 5.2.4–5.2.6 and arises from failing to properly enable HTTP Strict Transport Security. An attacker could obtain sensitive information via man-in-the-middle. The IBM advisory lists a fix: upgrade to 5.2.6.0-ISS-SIGI-F...
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnarable to exposure of sensitive information (CVE-20204970)
Summary IBM Security Identity Governance and Intelligence could expose sensitive information due to non enforcement of HTTP Strict Transport Security CVE-2020-4970. This vulnerability can lead to various security threats and has been resolved by implementing the required code fix. Vulnerability...