Information Disclosure in IBM Security Verify Privilege Vault
CVE-2021-20583

6.2MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
25 June 2021

Summary

IBM Security Verify Privilege Vault version 10.9.66 is susceptible to an information disclosure vulnerability caused by improper input validation. This issue allows a privileged user to potentially expose sensitive information through an HTTP GET request. Organizations using this version are advised to review the security measures in place and apply any necessary updates to mitigate the risks associated with this vulnerability. For more details, visit the IBM support page and the IBM X-Force Exchange.

Affected Version(s)

Security Verify Privilege Vault 10.9.66

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.