Improper Output Encoding in IBM Security Verify Information Queue
CVE-2021-20405

3.1LOW

Key Information:

Vendor
IBM
Vendor
CVE Published:
11 February 2021

Summary

The IBM Security Verify Information Queue, specifically versions 1.0.6 and 1.0.7, is susceptible to a vulnerability that allows users to perform unauthorized activities. This issue arises from improper encoding of output, potentially exposing sensitive information and compromising the integrity of the application. For more details, please refer to IBM's support page and the X-Force vulnerability database.

Affected Version(s)

Security Verify Information Queue 1.0.6

Security Verify Information Queue 1.0.7

References

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.