CVE-2021-20417
First published: Wed Jul 07 2021(Updated: )
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196219
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Guardium Data Encryption | =4.0.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-20417.
What is the severity of CVE-2021-20417?
The severity of CVE-2021-20417 is medium with a severity value of 4.3.
How can a remote attacker exploit this vulnerability?
A remote attacker can exploit this vulnerability by obtaining sensitive information when a detailed technical error message is returned in the browser.
What can an attacker do with the sensitive information obtained?
An attacker can use the sensitive information obtained in further attacks against the system.
Is there a fix available for this vulnerability?
Please refer to the IBM support page (https://www.ibm.com/support/pages/node/6469691) for information on available fixes for this vulnerability.
- collector/nvd-index
- vendor/ibm
- canonical/ibm guardium data encryption
- version/ibm guardium data encryption/4.0.0.4