CVE-2021-20414
First published: Fri Jun 25 2021(Updated: )
IBM Guardium Data Encryption (GDE) could allow a user to bruce force sensitive information due to not properly limiting the number of interactions.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM GDE | <=3.0.0.2 | |
| IBM Guardium Data Encryption | =3.0.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
How does the vulnerability CVE-2021-20414 impact IBM Guardium Data Encryption (GDE)?
The vulnerability allows a user to brute force sensitive information due to the lack of proper limitations on the number of interactions in IBM Guardium Data Encryption (GDE) version 3.0.0.2.
What is the severity rating of CVE-2021-20414?
The severity rating of CVE-2021-20414 is medium with a value of 4.9.
What is the vendor and product affected by CVE-2021-20414?
IBM Guardium Data Encryption (GDE) version 3.0.0.2 is the affected product of vendor IBM.
How can an attacker exploit CVE-2021-20414?
An attacker could exploit CVE-2021-20414 by performing a brute force attack to obtain sensitive information.
Is there any fix or patch available for CVE-2021-20414?
Please refer to the IBM support page (https://www.ibm.com/support/pages/node/6470849) for information on available fixes or patches for CVE-2021-20414.
- collector/ibm-support
- collector/nvd-index
- agent/type
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- vendor/ibm
- canonical/ibm gde
- version/ibm gde/3.0.0.2
- canonical/ibm guardium data encryption
- version/ibm guardium data encryption/3.0.0.2