Cross-Site Request Forgery Vulnerability in IBM Security Verify Information Queue
CVE-2021-20403
3.1LOW
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 11 February 2021
Summary
IBM Security Verify Information Queue versions 1.0.6 and 1.0.7 are susceptible to a cross-site request forgery vulnerability, potentially permitting attackers to perform unauthorized actions by tricking users into executing commands without their consent. This exploitation involves leveraging the trust established between the affected application and its users, highlighting the importance of implementing robust security measures to thwart such threats.
Affected Version(s)
Security Verify Information Queue 1.0.6
Security Verify Information Queue 1.0.7
References
CVSS V3.1
Score:
3.1
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved