CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4957
https://notcve.org/view.php?id=CVE-2020-4957
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information in URL parameters that could aid in future attacks against the system. IBM X-Force ID: 192208. IBM Security Identity Governance and Intelligence versión 5.2.6, podría divulgar información confidencial en parámetros de URL que podrían ayudar en futuros ataques contra el sistema. IBM X-Force ID: 192208 • https://exchange.xforce.ibmcloud.com/vulnerabilities/192208 https://www.ibm.com/support/pages/node/6586142 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4996
https://notcve.org/view.php?id=CVE-2020-4996
IBM Security Identity Governance and Intelligence 5.2.6 could allow a local user to obtain sensitive information via the capturing of screenshots of authentication credentials. IBM X-Force ID: 192913. IBM Security Identity Governance and Intelligence versión 5.2.6, podría permitir a un usuario local obtener información confidencial mediante la captura de screenshots de las credenciales de autenticación. IBM X-Force ID: 192913 • https://exchange.xforce.ibmcloud.com/vulnerabilities/192913 https://www.ibm.com/support/pages/node/6413389 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4995
https://notcve.org/view.php?id=CVE-2020-4995
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout which could allow a user to obtain sensitive information from another users' session. IBM X-Force ID: 192912. IBM Security Identity Governance and Intelligence versión 5.2.6, no invalida la sesión después del cierre de sesión, lo que podría permitir a un usuario obtener información confidencial de la sesión de otro usuario. IBM X-Force ID: 192912 • https://exchange.xforce.ibmcloud.com/vulnerabilities/192912 https://www.ibm.com/support/pages/node/6413393 • CWE-613: Insufficient Session Expiration •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4795
https://notcve.org/view.php?id=CVE-2020-4795
IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446. IBM Security Identity Governance and Intelligence versión 5.2.6, podría revelar información confidencial a un usuario no autorizado mediante una petición HTTP especialmente diseñada. IBM X-Force ID: 189446 • https://exchange.xforce.ibmcloud.com/vulnerabilities/189446 https://www.ibm.com/support/pages/node/6413399 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4791
https://notcve.org/view.php?id=CVE-2020-4791
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID: 189379. IBM Security Identity Governance and Intelligence versión 5.2.6, podría permitir a un atacante obtener información confidencial utilizando ataques de tipo man in the middle debido a una comprobación inapropiada del certificado. IBM X-Force ID: 189379 • https://exchange.xforce.ibmcloud.com/vulnerabilities/189379 https://www.ibm.com/support/pages/node/6403265 • CWE-295: Improper Certificate Validation •