CVE-2018-1944
First published: Thu Feb 21 2019(Updated: )
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153386.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Identity Governance and Intelligence | >=5.2<=5.2.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-1944?
CVE-2018-1944 is a vulnerability in IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance that allows an attacker to gain unauthorized access to the system.
How severe is CVE-2018-1944?
CVE-2018-1944 has a severity rating of 9.8, which is classified as critical.
What is the affected software for CVE-2018-1944?
The affected software for CVE-2018-1944 is IBM Security Identity Governance and Intelligence version 5.2 through 5.2.4.1 Virtual Appliance.
What is the CWE-ID for CVE-2018-1944?
The CWE-ID for CVE-2018-1944 is 798.
How do I fix CVE-2018-1944?
To fix CVE-2018-1944, upgrade to a version of IBM Security Identity Governance and Intelligence that is not affected by this vulnerability.
- collector/nvd-index
- vendor/ibm
- canonical/ibm security identity governance and intelligence
- version/ibm security identity governance and intelligence/5.2
- version/ibm security identity governance and intelligence/5.2.4.1