IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/197789 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6464081 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
21 Jun 2021, 17:57
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.ibm.com/support/pages/node/6464081 - Patch, Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/197789 - VDB Entry, Vendor Advisory | |
CWE | CWE-668 | |
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_identity_manager:6.0.2:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 6.5 |
17 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789. |
16 Jun 2021, 17:47
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-16 17:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-20488
Mitre link : CVE-2021-20488
CVE.ORG link : CVE-2021-20488
JSON object : View
Products Affected
oracle
- solaris
linux
- linux_kernel
ibm
- aix
- security_identity_manager
microsoft
- windows
CWE