CVE-2021-20510Cleartext Storage of Sensitive Info in IBM Security Verify Access Docker

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 83.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Verify Access DockerIBM Security Verify Access
Timeline
PublishedJul 15
Latest updateMay 24

Description

IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-qwvj-hf35-5g52: IBM Security Verify Access Docker 102022-05-24
CVEList
CVE-2021-20510: IBM Security Verify Access Docker 102021-07-15
CVE-2021-20510 — Cleartext Storage of Sensitive Info | cvebase