Information Disclosure Vulnerability in IBM Security Identity Governance and Intelligence
CVE-2020-4791

6.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
9 February 2021

Summary

A vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 allows attackers to exploit improper certificate validation, potentially leading to sensitive information exposure through man-in-the-middle attacks. This flaw emphasizes the importance of robust security practices and proper certificate handling to safeguard against unauthorized access to critical data.

Affected Version(s)

Security Identity Governance and Intelligence 5.2.6

References

CVSS V3.1

Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.