CyberSec.Space Logo
Back to CVE Browser

CVE-2018-1756

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile24.46th
PublishedSep 7, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.

Affected Platforms (CPE)

πŸ“¦
Ibm

Security Identity Governance And Intelligence

= 5.2.3.2
πŸ“¦
Ibm

Security Identity Governance And Intelligence

= 5.2.4

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=ibm10728883
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
πŸ”— https://www.exploit-db.com/exploits/45392/
πŸ”— http://www.ibm.com/support/docview.wss?uid=ibm10728883
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
πŸ”— https://www.exploit-db.com/exploits/45392/

Related Vulnerabilities

CVE-2020-49589.8

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a prov...

CVE-2020-47958.2

IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a speci...

CVE-2020-42327.5

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credent...

CVE-2020-42457.5

IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which...