Weak Cryptographic Algorithms in IBM Security Identity Governance and Intelligence
CVE-2020-4968
5.3MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 21 January 2021
Summary
IBM Security Identity Governance and Intelligence version 5.2.6 employs inadequately secure cryptographic algorithms that potentially expose sensitive data by allowing unauthorized decryption. This vulnerability poses a significant risk, as compromised information may include personal identifiable information (PII) and other critical data, fundamentally undermining the integrity of the security system.
Affected Version(s)
Security Identity Governance and Intelligence 5.2.6
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved