Low Severity

Security Bulletin: Overly Permissive CORS Policy vulnerability found on IBM Security Secret Server (CVE-2019-4633)


This security bulletin addresses potential information leaks, minor yet significant, in IBM Security Secret Server. IBM Security Secret Server has an overly permissive CORS policy for login.

Affected product(s) and affected version(s):

Affected Product(s) | Version(s)
IBM Security Secret Server | All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1283200
