High Severity

Security Bulletin: IBM Security Identity Manager Password Synchronization Plug-in for Windows AD affected by multiple vulnerabilities (CVE-2021-20483, CVE-2021-20488)

Share this post:

IBM has announced a release for IBM Security Identity Manager Password Synchronization Plug-in for Windows AD to address several security vulnerabilities. The vulnerabilities concern server side request forgery and account take over.

CVE(s): CVE-2021-20483, CVE-2021-20488

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
ISIM 6.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6464081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/197591
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/197789

More stories

Security Bulletin: FasterXML Vulnerability in Jackson-Databind Affects IBM Sterling Connect:Direct File Agent (CVE-2018-7489)

Jul 23, 2021 8:13 pm EDT | High Severity

There is a vulnerability in FasterXML jackson-databind used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. ...read more


Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Sterling Connect:Direct File Agent (CVE-2020-1953)

Jul 23, 2021 8:11 pm EDT | High Severity

There is a vulnerability in Apache Commons used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. ...read more


Security Bulletin: IBM i2 iBase vulnerable to DLL highjacking (CVE-2020-4623)

Jul 23, 2021 8:00 pm EDT | High Severity

i2 iBase is vulnerable to DLL highjacking attacks. ...read more