User Credentials Exposure in IBM Security Identity Manager
CVE-2021-29683
5.3MEDIUM
Summary
The IBM Security Identity Manager version 7.0.2 is affected by a vulnerability where user credentials are stored in plain text format. As a result, authenticated users may be able to read these credentials, leading to potential unauthorized access and significant security risks. It is crucial for organizations using this software to address this vulnerability promptly to safeguard sensitive data.
Affected Version(s)
Security Identity Manager 7.0.2
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved