Lucene search

Security Verify Bridge Security Vulnerabilities

cve

CVE-2021-20434

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.

4.4CVSS

4.6AI Score

0.0004EPSS

2021-09-23 05:15 PM

cve

CVE-2021-20435

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355.

5.5CVSS

5.2AI Score

0.0004EPSS

2021-09-23 05:15 PM

cve

CVE-2021-20441

IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617.

5.9CVSS

5.5AI Score

0.001EPSS

2021-03-03 05:15 PM

cve

CVE-2021-20442

IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196618.

7.5CVSS

7.4AI Score

0.001EPSS

2021-03-03 05:15 PM

cve

CVE-2021-38863

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154.

5.5CVSS

5.3AI Score

0.0004EPSS

2021-09-23 05:15 PM

cve

CVE-2021-38864

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. IBM X-Force ID: 208155.

7.5CVSS

7AI Score

0.001EPSS

2021-09-23 05:15 PM