Information Disclosure in IBM Security Verify Privilege Vault
CVE-2021-20583

6.2MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Privilege Vault
Vendor: CVE Published:; 25 June 2021

Summary

IBM Security Verify Privilege Vault version 10.9.66 is susceptible to an information disclosure vulnerability caused by improper input validation. This issue allows a privileged user to potentially expose sensitive information through an HTTP GET request. Organizations using this version are advised to review the security measures in place and apply any necessary updates to mitigate the risks associated with this vulnerability. For more details, visit the IBM support page and the IBM X-Force Exchange.

Affected Version(s)

Security Verify Privilege Vault 10.9.66

References

https://www.ibm.com/support/pages/node/6467045

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/199396

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jun 25, 2021
Vulnerability Reserved
Dec 17, 2020