CVE-2020-4595: High severity IBM Security Guardium Insights vulnerability

Q: What is CVE-2020-4595?

CVE-2020-4595 is a vulnerability in IBM Security Guardium Insights 2.0.2 that allows an attacker to decrypt highly sensitive information.

Q: What is the severity of CVE-2020-4595?

The severity of CVE-2020-4595 is high, with a CVSS score of 7.5.

Q: How can an attacker exploit CVE-2020-4595?

An attacker can exploit CVE-2020-4595 by leveraging weaker than expected cryptographic algorithms to decrypt highly sensitive information.

Q: Is IBM Security Guardium Insights 2.0.2 affected by CVE-2020-4595?

Yes, IBM Security Guardium Insights 2.0.2 is affected by CVE-2020-4595.

Q: How can I fix CVE-2020-4595?

To fix CVE-2020-4595, it is recommended to apply the necessary patches provided by IBM.

Published Jan 12, 2021

Updated

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819.

Other sources

IBM Security Guardium Insights uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Affected Software

3 affected componentsFixes available

IBM Security Guardium Insights<=2.0.2

IBM Security Guardium Insights=2.0.2

Linux Linux kernel

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6403463

Event History

Jan 12, 2021

CVE Published

via IBM·12:00 AM

Jan 13, 2021

CVE Published

via MITRE·06:10 PM

Data Sourced

via MITRE·06:10 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6403463

Frequently Asked Questions

What is CVE-2020-4595?

CVE-2020-4595 is a vulnerability in IBM Security Guardium Insights 2.0.2 that allows an attacker to decrypt highly sensitive information.

What is the severity of CVE-2020-4595?