Improper Output Encoding in IBM Security Verify Information Queue
CVE-2021-20405

3.1LOW

Key Information:

Vendor: IBM
Status: Security Verify Information Queue
Vendor: CVE Published:; 11 February 2021

What is CVE-2021-20405?

The IBM Security Verify Information Queue, specifically versions 1.0.6 and 1.0.7, is susceptible to a vulnerability that allows users to perform unauthorized activities. This issue arises from improper encoding of output, potentially exposing sensitive information and compromising the integrity of the application. For more details, please refer to IBM's support page and the X-Force vulnerability database.

Affected Version(s)

Security Verify Information Queue 1.0.6

Security Verify Information Queue 1.0.7

References

https://www.ibm.com/support/pages/node/6414367

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/196183

vdb-entryx_refsource_XF

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2021
Vulnerability Reserved
Dec 17, 2020