High Severity

Security Bulletin: IBM Security Identity Manager Password Synchronization Plug-in for Windows AD affected by multiple vulnerabilities (CVE-2021-20483, CVE-2021-20488)

Share this post:

IBM has announced a release for IBM Security Identity Manager Password Synchronization Plug-in for Windows AD to address several security vulnerabilities. The vulnerabilities concern server side request forgery and account take over.

CVE(s): CVE-2021-20483, CVE-2021-20488

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
ISIM 6.0.2
ISIM 6.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6464081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/197591
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/197789

More stories

Security Bulletin: Operations Dashboard is vulnerable to Elasticsearch Go vulnerabilities (CVE-2021-22144 & CVE-2021-22145)

Oct 14, 2021 8:02 pm EDT | High Severity

Operations Dashboard is vulnerable to Elasticsearch vulnerabilities (CVE-2021-22144 & CVE-2021-22145) with details of each below ...read more


Security Bulletin: Operations Dashboard is vulnerable to multiple Go vulnerabilities

Oct 14, 2021 8:01 pm EDT | High Severity

Operations Dashboard is vulnerable to multiple Go vulnerabilities with details of each below ...read more


Security Bulletin: Multiple Websphere Vulnerabilities Impact IBM Control Center (CVE-2021-35517, CVE-2021-36090)

Oct 14, 2021 8:01 pm EDT | High Severity

There are multiple vulnerabilities in Websphere that is used by Control Center. ...read more