Medium Severity

Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to sensitive information disclosure (CVE-2020-4957)

Share this post:

IBM Security Identity Governance and Intelligence could disclose sensitive information in URL parameters due to a vulnerability in the Bulk Data Load module (CVE-2020-4957). This vulnerability is resolved by a code fix in the affected part of the product.

CVE(s): CVE-2020-4957

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Identity Governance and Intelligence 5.2.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6586142
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192208

More stories

Security Bulletin: A security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-21496)

August 16, 2022 | Medium Severity

IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability. ...read more


Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System.

August 16, 2022 | Medium Severity

Multiple Vulnerabilities have been found in Node.js used by the Common UI in Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component (CVE-2022-22475, CVE-2022-22476)

August 16, 2022 | Medium Severity

IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities. ...read more