Lucene search

IbmCVELIST:CVE-2021-20498

HistoryJul 15, 2021 - 5:15 p.m.

CVE-2021-20498

2021-07-1517:15:50

ibm

www.cve.org

ibm security verify access

docker

version information

http requests

security vulnerability

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

27.9%

JSON

IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requests that could be used in further attacks against the system. IBM X-Force ID: 197972.

CNA Affected

[
  {
    "product": "Security Verify Access Docker",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "10.0.0"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/197972

www.ibm.com/support/pages/node/6471895

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

27.9%

JSON

Related for CVELIST:CVE-2021-20498