Vulnerabilities > CVE-2021-20581 - Insufficient Session Expiration vulnerability in IBM Security Verify Privilege On-Premises

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

CWE-613

NVD

Published: 2023-10-17

Updated: 2023-10-18

Summary

IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Security Verify Privilege ON Premises *	1
OS	Apple Apple Macos -	1
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-613 - Insufficient Session Expiration

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/199324
https://www.ibm.com/support/pages/node/7047202