CVE-2021-20496Improper Input Validation in IBM Security Verify Access Docker

CWE-20Improper Input Validation3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.2%
top 60.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Verify Access DockerIBM Security Verify Access
Timeline
PublishedJul 15
Latest updateMay 24

Description

IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-m4g3-x748-23v3: IBM Security Verify Access Docker 102022-05-24
CVEList
CVE-2021-20496: IBM Security Verify Access Docker 102021-07-15
CVE-2021-20496 — Improper Input Validation in IBM | cvebase