Vulnerabilities > IBM > Security Identity Governance AND Intelligence > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-06	CVE-2017-1409	Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. network low complexity ibm CWE-200	5.3
2018-08-06	CVE-2017-1368	Session Fixation vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. network low complexity ibm CWE-384	6.5
2018-07-13	CVE-2017-1395	Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network high complexity ibm CWE-200	5.9
2018-07-13	CVE-2017-1367	Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. network low complexity ibm CWE-200	5.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.