CVE-2020-4596: High severity ibm security guardium insights vulnerability

Q: What is IBM Security Guardium Insights?

IBM Security Guardium Insights is a security solution offered by IBM.

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-4596.

Q: What is the severity of CVE-2020-4596?

The severity of CVE-2020-4596 is high, with a CVSS score of 7.5.

Q: What is the impact of this vulnerability?

This vulnerability could allow an attacker to decrypt highly sensitive information.

Q: How can I fix this vulnerability?

To fix this vulnerability, update IBM Security Guardium Insights to version 2.0.3 or later.

Published Jan 12, 2021

Updated

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812.

Other sources

IBM Security Guardium Insights uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Affected Software

3 affected componentsFixes available

IBM Security Guardium Insights<=2.0.2

IBM Security Guardium Insights=2.0.2

Linux Linux kernel

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6403463

Event History

Jan 12, 2021

CVE Published

via IBM·12:00 AM

Jan 13, 2021

CVE Published

via MITRE·06:10 PM

Data Sourced

via MITRE·06:10 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6403463

Frequently Asked Questions

What is IBM Security Guardium Insights?

IBM Security Guardium Insights is a security solution offered by IBM.

What is the vulnerability ID for this issue?