CVE-2021-20404 — IBM Security Verify Information Queue vulnerability

3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.3%

top 45.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Verify Information Queue

Timeline

PublishedFeb 11

Latest updateMay 24

Description

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins. IBM X-Force ID: 196078.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5ibm/security_verify_information_queue1.0.6, 1.0.7+1

▶NVDibm/security_verify_information_queue1.0.6, 1.0.7+1

🔴Vulnerability Details

GHSA

GHSA-fjvw-vpv7-j2gp: IBM Security Verify Information Queue 1↗2022-05-24

▶

CVEList

CVE-2021-20404: IBM Security Verify Information Queue 1↗2021-02-11

▶