Vulnerability in Ibm Security Verify Information Queue
CVE-2021-20410
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques. IBM X-Force ID: 198190.
EPSS: 0.006 (46.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Ibm Security Verify Information Queue — versions 1.0.6, 1.0.7
- Ibm Security_verify_information_queue — versions 1.0.6, 1.0.7
- Linux Linux_kernel
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)
Frequently asked questions
- What is CVE-2021-20410?
- CVE-2021-20410 is a medium-severity vulnerability in Ibm Security Verify Information Queue, classified under Insufficiently Protected Credentials. CVSS score: 5.3/10. Published 2021-02-12.
- How severe is CVE-2021-20410?
- Medium severity. CVSS v3 base score is 5.3 out of 10.