High Severity

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2019-17006, CVE-2019-17023, CVE-2020-12403)

June 1, 2021

Categorized: High Severity

Share this post:

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The vulnerability concerns Open Source – 2 issues for nss and one additional issue.

CVE(s): CVE-2019-17006, CVE-2019-17023, CVE-2020-12403

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Identity Governance and Intelligence 5.2.5
IBM Security Identity Governance and Intelligence 5.2.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6457719
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/174125
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/174062
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/187746


Previous Post

Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Next Post

Security Bulletin: Apache CXF vulnerability identified in IBM Tivoli Application Dependency Discovery Manager (CVE-2021-22696)
More stories

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022

July 1, 2022 | High Severity

In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. ...read more

Security Bulletin: Remote code execution vulnerability affect IBM Business Automation Workflow – CVE-2021-43138

July 1, 2022 | High Severity

IBM Business Automation Workflow is vulnerable to a remote code execution attack. ...read more

Security Bulletin: Vulnerabilities in Samba, OpenSSL, Python, and XStream affect IBM Spectrum Protect Plus (CVE-2021-20254, CVE-2021-3712, CVE-2021-43859, CVE-2022-0778, CVE-2020-25717, CVE-2021-23192, CVE-2021-3733)

June 30, 2022 | High Severity

Vulnerabilities in Samba, OpenSSL, Python, and XStream may affect IBM Spectrum Protect Plus. These vulnerabilities include bypassing security restrictions, obtaining sensitive information, denial of service, and elevation of privileges. ...read more