Vulnerabilities > IBM > Security Identity Governance AND Intelligence > 5.2.3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-07 | CVE-2018-1757 | Missing Authentication for Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4 IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. | 5.0 |
2018-09-07 | CVE-2018-1756 | SQL Injection vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4 IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. | 5.0 |
2018-08-06 | CVE-2017-1755 | Unspecified vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. | 4.6 |
2018-08-06 | CVE-2017-1412 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. | 4.0 |
2018-08-06 | CVE-2017-1411 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.0 |
2018-08-06 | CVE-2017-1409 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. | 5.0 |
2018-08-06 | CVE-2017-1396 | Permission Issues vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 5.5 |
2018-08-06 | CVE-2017-1368 | Session Fixation vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2018-08-06 | CVE-2017-1366 | Inadequate Encryption Strength vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |