High Severity

Security Bulletin: IBM Security Privileged Identity Manager is affected by XML External Entity Injection vulnerability in WebSphere (CVE-2020-4949)

Share this post:

IBM Security Privileged Identity Manager has addressed a XML External Entity Injection vulnerability in WebSphere application server.

CVE(s): CVE-2020-4949

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
ISPIM 2.1.1
ISPIM 2.0.2
ISPIM 2.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6476922
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192025

More stories

Security Bulletin: Aspera Web Applications (Shares, Console) are affected by OpenSSL Vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Sep 17, 2021 8:01 pm EDT | High Severity

Aspera Web Applications (Shares, Console) have addressed the following OpenSSL Vulnerabilities. ...read more


Security Bulletin: Aspera Web Applications (Shares, Console) are affected by an OpenSSL Vulnerability (CVE-2020-1971)

Sep 17, 2021 8:00 pm EDT | High Severity

Aspera Web Applications (Shares, Console) have addressed the following OpenSSL Vulnerability. ...read more


Security Bulletin: A security vulnerability in NGINX ffects IBM Cloud Automation Manager

Sep 16, 2021 8:01 pm EDT | High Severity

A security vulnerability in NGINX ffects IBM Cloud Automation Manager. ...read more