1.0.7

CVSS 8.1 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

low complexity

ibm

CWE-669

NVD

Published: 2021-02-12

Updated: 2021-02-12

Summary

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Security Verify Information Queue 1.0.6 IBM Security Verify Information Queue 1.0.7	2
OS	Linux Linux Linux Kernel -	1

Common Weakness Enumeration (CWE)

CWE-669 - Incorrect Resource Transfer Between Spheres

References

https://www.ibm.com/support/pages/node/6414777
https://exchange.xforce.ibmcloud.com/vulnerabilities/196191