CVE-2021-20439

7.5HIGH

Key Information:

Vendor: IBM
Status: Security Verify Access Docker; Security Access Manager
Vendor: CVE Published:; 15 July 2021

Summary

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.

Affected Version(s)

Security Access Manager 9.0

Security Verify Access Docker 10.0.0

References

https://www.ibm.com/support/pages/node/6471903

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/196453

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2021
Vulnerability Reserved
Dec 17, 2020