Information Disclosure in IBM Security Verify Privilege Vault
CVE-2021-20583
6.2MEDIUM
Summary
IBM Security Verify Privilege Vault version 10.9.66 is susceptible to an information disclosure vulnerability caused by improper input validation. This issue allows a privileged user to potentially expose sensitive information through an HTTP GET request. Organizations using this version are advised to review the security measures in place and apply any necessary updates to mitigate the risks associated with this vulnerability. For more details, visit the IBM support page and the IBM X-Force Exchange.
Affected Version(s)
Security Verify Privilege Vault 10.9.66
References
CVSS V3.1
Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved