Local Code Execution Vulnerability in IBM Security Verify Privilege Manager
CVE-2020-4610

7.4HIGH

Key Information:

Vendor: IBM
Status: Security Verify Privilege Manager
Vendor: CVE Published:; 25 June 2021

Summary

IBM Security Verify Privilege Manager version 10.8.2 is susceptible to a local code execution vulnerability that arises from improper integrity checks. This flaw may enable a local user to execute arbitrary code on the system, potentially compromising sensitive data and system integrity. It's crucial for users to apply the latest security updates to mitigate this risk.

Affected Version(s)

Security Verify Privilege Manager 10.8.2

References

https://www.ibm.com/support/pages/node/6467047

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/184919

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 25, 2021
Vulnerability Reserved
Dec 30, 2019