Hard-Coded Credentials Vulnerability in IBM Security Verify Bridge
CVE-2021-20442

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Bridge
Vendor: CVE Published:; 3 March 2021

What is CVE-2021-20442?

IBM Security Verify Bridge has been identified to contain hard-coded credentials, including passwords and cryptographic keys, which are used for essential functions like inbound authentication, outbound communication with external components, and the encryption of internal data. This security flaw poses significant risks as it may allow unauthorized access and compromise the integrity and confidentiality of sensitive information. Users are advised to assess their versions and apply recommended security patches to mitigate potential threats.

Affected Version(s)

Security Verify Bridge = unspecified

References

https://www.ibm.com/support/pages/node/6421025

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/196618

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 3, 2021
Vulnerability Reserved
Dec 17, 2020