PT-2021-12254 · Ibm · Ibm Security Identity Governance/Intelligence

Chris Shepherd

Published

2021-01-21

Updated

2021-01-28

CVE-2020-4958

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Identity Governance and Intelligence version 5.2.6

Description The issue is related to the lack of authentication for certain functionality that requires a provable user identity or consumes significant resources.

Recommendations For IBM Security Identity Governance and Intelligence version 5.2.6, consider implementing additional authentication mechanisms for functionality that requires a provable user identity or consumes a significant amount of resources until a patch is available.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-4958

Affected Products

Ibm Security Identity Governance/Intelligence

PT-2021-12254 · Ibm · Ibm Security Identity Governance/Intelligence

CVE-2020-4958

Weakness Enumeration

Related Identifiers

Affected Products

References · 8