Denial of Service Vulnerability in IBM Security Verify Information Queue
CVE-2021-20404

2.6LOW

Key Information:

Vendor: IBM
Status: Security Verify Information Queue
Vendor: CVE Published:; 11 February 2021

Summary

A vulnerability in IBM Security Verify Information Queue versions 1.0.6 and 1.0.7 allows remote users to exploit an invalid cookie value, leading to a denial of service. This flaw may prevent users from logging in to the system, thereby disrupting normal operations and causing potential service interruptions.

Affected Version(s)

Security Verify Information Queue 1.0.6

Security Verify Information Queue 1.0.7

References

https://www.ibm.com/support/pages/node/6414363

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/196078

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.6

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2021
Vulnerability Reserved
Dec 17, 2020