Improper Output Encoding in IBM Security Verify Information Queue
CVE-2021-20405

3.1LOW

Key Information:

Vendor
IBM
Status
Security Verify Information Queue
Vendor
CVE Published:
11 February 2021

Summary

The IBM Security Verify Information Queue, specifically versions 1.0.6 and 1.0.7, is susceptible to a vulnerability that allows users to perform unauthorized activities. This issue arises from improper encoding of output, potentially exposing sensitive information and compromising the integrity of the application. For more details, please refer to IBM's support page and the X-Force vulnerability database.

Affected Version(s)

Security Verify Information Queue 1.0.6

Security Verify Information Queue 1.0.7

References

https://www.ibm.com/support/pages/node/6414367
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/196183
vdb-entryx_refsource_XF

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.