Information Exposure in IBM Security Identity Manager Virtual Appliance
CVE-2019-4676
6.3MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 1 July 2020
Summary
The IBM Security Identity Manager Virtual Appliance 7.0.2 is susceptible to a vulnerability where user credentials are stored in plain text. This design flaw allows an unauthorized local user to access sensitive information, posing a significant security risk. It's essential for organizations utilizing this product to review their configurations and implement necessary security measures to protect user credentials.
Affected Version(s)
Security Identity Manager Virtual Appliance 7.0.2
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved