Hard-Coded Credential Vulnerability in IBM Security Identity Manager
CVE-2021-29691

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
20 May 2021

Summary

IBM Security Identity Manager 7.0.2 includes hard-coded credentials that pose significant risks as they are utilized for inbound authentication, outbound communication with external components, and the encryption of internal data. This security flaw may lead to unauthorized access and data breaches, compromising the integrity of the data managed by the system. It is critical for organizations utilizing this product to assess their security posture and mitigate potential risks associated with this vulnerability.

Affected Version(s)

Security Identity Manager 7.0.2

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.