Vulnerability in Ibm Aix
CVE-2021-20488
IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configur…
EPSS: 0.009 (55.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Ibm Aix
- Ibm Security Identity Manager — versions 6.0.2
- Ibm Security_identity_manager — versions 6.0.2
- Linux Linux_kernel
- Microsoft Windows
- Oracle Solaris
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)
Frequently asked questions
- What is CVE-2021-20488?
- CVE-2021-20488 is a medium-severity vulnerability in Ibm Aix. CVSS score: 6.5/10. Published 2021-06-16.
- How severe is CVE-2021-20488?
- Medium severity. CVSS v3 base score is 6.5 out of 10.