Information Disclosure Vulnerability in IBM Security Identity Governance and Intelligence
CVE-2020-4791
6.9MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 9 February 2021
Summary
A vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 allows attackers to exploit improper certificate validation, potentially leading to sensitive information exposure through man-in-the-middle attacks. This flaw emphasizes the importance of robust security practices and proper certificate handling to safeguard against unauthorized access to critical data.
Affected Version(s)
Security Identity Governance and Intelligence 5.2.6
References
CVSS V3.1
Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved