CVE-2017-1411

MEDIUM

IBM Security Identity Governance And ... - Insufficiently Protected Credentials

Title source: rule

Description

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 127399.

References (2)

Scores

CVSS v3 5.9
EPSS 0.0019
EPSS Percentile 41.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-522
Status published

Affected Products (7)

ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence
ibm/security_identity_governance_and_intelligence

Timeline

Published Aug 06, 2018
Tracked Since Feb 18, 2026