CVE-2021-38957

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*

History

13 Jan 2022, 20:37

Type Values Removed Values Added
CWE CWE-20
CVSS v2 : unknown
v3 : unknown
v2 : 5.0
v3 : 7.5
First Time Ibm security Verify Access
Ibm
CPE cpe:2.3:a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/212040 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/212040 - VDB Entry, Vendor Advisory
References (CONFIRM) https://www.ibm.com/support/pages/node/6538418 - (CONFIRM) https://www.ibm.com/support/pages/node/6538418 - Patch, Vendor Advisory

10 Jan 2022, 14:14

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-10 14:10

Updated : 2023-12-10 14:09


NVD link : CVE-2021-38957

Mitre link : CVE-2021-38957

CVE.ORG link : CVE-2021-38957


JSON object : View

Products Affected

ibm

  • security_verify_access
CWE
CWE-20

Improper Input Validation