Ibm

Security Identity Governance And Intelligence

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2018-1949

  • EPSS 0.12%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:39

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 153429.

4.3

CVE-2018-1948

  • EPSS 0.15%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:38

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user o...

6.1

CVE-2018-1947

  • EPSS 0.13%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:38

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p...

7.5

CVE-2018-1946

  • EPSS 0.03%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:38

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or a...

6.1

CVE-2018-1945

  • EPSS 0.15%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:38

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit t...

9.8

CVE-2018-1944

  • EPSS 0.07%
  • Veröffentlicht 21.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:38

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external com...

5.3

CVE-2018-1757

  • EPSS 0.1%
  • Veröffentlicht 07.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:18

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601.

7.5

CVE-2018-1756

Exploit
  • EPSS 28.7%
  • Veröffentlicht 07.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:18

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-For...

6.7

CVE-2017-1755

  • EPSS 0.05%
  • Veröffentlicht 06.08.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:22:19

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID: 135855.

7.5

CVE-2017-1366

  • EPSS 0.1%
  • Veröffentlicht 06.08.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:21:47

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859.