User Credentials Exposure in IBM Security Identity Manager
CVE-2021-29683

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Security Identity Manager
Vendor: CVE Published:; 20 May 2021

Summary

The IBM Security Identity Manager version 7.0.2 is affected by a vulnerability where user credentials are stored in plain text format. As a result, authenticated users may be able to read these credentials, leading to potential unauthorized access and significant security risks. It is crucial for organizations using this software to address this vulnerability promptly to safeguard sensitive data.

Affected Version(s)

Security Identity Manager 7.0.2

References

https://www.ibm.com/support/pages/node/6454587

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/199998

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 20, 2021
Vulnerability Reserved
Mar 31, 2021