CVE-2018-1946

Name of the Vulnerable Software and Affected Versions IBM Security Identity Governance and Intelligence versions 5.2 through 5.2.4.1 Virtual Appliance

Description The issue arises from the software's ability to interact between multiple actors and negotiate the algorithm used for protection mechanisms like encryption or authentication. However, it fails to select the strongest available algorithm that both parties can use.

Recommendations For IBM Security Identity Governance and Intelligence versions 5.2 through 5.2.4.1 Virtual Appliance, consider configuring the system to prioritize and enforce the use of the strongest available encryption or authentication algorithms until a patch is available.