Medium Severity

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-15473)

Share this post:

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Identity Governance and Intelligence 5.2.4
IBM Security Identity Governance and Intelligence 5.2.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1284772

More stories

Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7

Apr 8, 2020 8:01 pm EDT | Medium Severity

Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7. CVE-2019-9948 and CVE-2019-9947 are fixed in RHEL7 as part of Errata RHSA-2019:2030 (https://access.redhat.com/errata/RHSA-2019:2030). This update is included in Resilient 34.1.53, released on September 17, 2019, and subsequent versions. ...read more


Security Bulletin: IBM Resilient OnPrem does not properly limit the number or frequency of pssword reset interactions

Apr 8, 2020 8:00 pm EDT | Medium Severity

IBM Resilient OnPrem does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests for password reset ...read more


Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability in IBM® Runtime Environment Java™ Version 8

Apr 8, 2020 8:00 pm EDT | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Scale Transparent Cloud Tiering. The IBM Spectrum Scale Transparent Cloud Tiering have addressed the applicable CVE. ...read more