Hard-Coded Credential Vulnerability in IBM Security Identity Manager
CVE-2021-29691
5.9MEDIUM
Summary
IBM Security Identity Manager 7.0.2 includes hard-coded credentials that pose significant risks as they are utilized for inbound authentication, outbound communication with external components, and the encryption of internal data. This security flaw may lead to unauthorized access and data breaches, compromising the integrity of the data managed by the system. It is critical for organizations utilizing this product to assess their security posture and mitigate potential risks associated with this vulnerability.
Affected Version(s)
Security Identity Manager 7.0.2
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved