Vulnerability in Ibm Data Risk Manager
CVE-2021-38915
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 209947.
EPSS: 0.001 (35.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/A:N/AC:H/PR:L/UI:N/I:N/C:H/AV:N/S:U/RL:O/E:U/RC:C.
Affected products
- Ibm Data Risk Manager — versions 2.0.6
References
- www.ibm.com/support/pages/node/6497499 (x_refsource_CONFIRM)
- ibm-cprm-cve202138915-info-disc (209947) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2021-38915?
- CVE-2021-38915 is a medium-severity vulnerability in Ibm Data Risk Manager. CVSS score: 5.3/10. Published 2021-10-12.
- How severe is CVE-2021-38915?
- Medium severity. CVSS v3 base score is 5.3 out of 10.