Description

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.

Remediation

References

CVE-2021-20439

Related Vulnerabilities

Ruby Resource Management Errors Vulnerability (CVE-2014-6438)

WordPress Plugin WP Attachment Export Arbitrary File Download (0.2.3)

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)

WordPress Plugin Properties and Agents-Real Estate Manager Cross-Site Scripting (6.7.1)

WordPress Plugin Thumbnail carousel slider Arbitrary File Upload (1.0)

Severity

High

Classification

CVE-2021-20439 CWE-522 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities