7.0.0.0

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ibm

CWE-787

NVD

Published: 2021-06-28

Updated: 2021-07-01

Summary

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Security Identity Manager Adapter 6.0.0.0 IBM Security Identity Manager Adapter 7.0.0.0	2
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.ibm.com/support/pages/node/6465875
https://exchange.xforce.ibmcloud.com/vulnerabilities/199249