Medium Severity
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to sensitive information disclosure (CVE-2020-4957)
May 13, 2022
Categorized: Medium Severity
Share this post:
IBM Security Identity Governance and Intelligence could disclose sensitive information in URL parameters due to a vulnerability in the Bulk Data Load module (CVE-2020-4957). This vulnerability is resolved by a code fix in the affected part of the product.
CVE(s): CVE-2020-4957
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Security Identity Governance and Intelligence | 5.2.6 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6586142
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192208
Security Bulletin: A security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-21496)
August 16, 2022 | Medium Severity
IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability. ...read more
Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System.
August 16, 2022 | Medium Severity
Multiple Vulnerabilities have been found in Node.js used by the Common UI in Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. ...read more
Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-22475, CVE-2022-22476)
August 16, 2022 | Medium Severity
IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities. ...read more