10.7

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

ibm

NVD

Published: 2020-01-28

Updated: 2020-01-30

Summary

IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 170043.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Security Secret Server 10.6 IBM Security Secret Server 10.7	2

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/170043
https://www.ibm.com/support/pages/node/1283242