Description
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID: 189379.
CVSS breakdown
CVSS 3.0
Confidentiality
High
Privileges Required
None
Integrity
Low
Scope
Changed
Availability
None
User Interaction
None
Attack Vector
Adjacent
Attack Complexity
High
RC
Changed
RL
O
E
Unchanged
Affected products
- ibm / Security Identity Governance and Intelligence5.2.6 – 5.2.6