Hard-Coded Credentials Vulnerability in IBM Security Verify Bridge
CVE-2021-20442

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
3 March 2021

Summary

IBM Security Verify Bridge has been identified to contain hard-coded credentials, including passwords and cryptographic keys, which are used for essential functions like inbound authentication, outbound communication with external components, and the encryption of internal data. This security flaw poses significant risks as it may allow unauthorized access and compromise the integrity and confidentiality of sensitive information. Users are advised to assess their versions and apply recommended security patches to mitigate potential threats.

Affected Version(s)

Security Verify Bridge = unspecified

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.