Description
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 127399.
CVSS breakdown
CVSS 3.0
Availability
None
Attack Complexity
High
Attack Vector
Network
Confidentiality
High
Integrity
None
Privileges Required
None
Scope
Unchanged
User Interaction
None
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / Security Identity Governance and Intelligence5.2 – 5.2
- ibm / Security Identity Governance and Intelligence5.2.1 – 5.2.1
- ibm / Security Identity Governance and Intelligence5.2.2 – 5.2.2
- ibm / Security Identity Governance and Intelligence5.2.2.1 – 5.2.2.1
- ibm / Security Identity Governance and Intelligence5.2.3 – 5.2.3
- ibm / Security Identity Governance and Intelligence5.2.3.1 – 5.2.3.1
- ibm / Security Identity Governance and Intelligence5.2.3.2 – 5.2.3.2