First published: Mon May 17 2021(Updated: )
IBM Security Access Manager Docker could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Verify Access | =10.0.0 | |
Docker Docker | ||
<=10.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2021-20499.
The title of this vulnerability is "IBM Security Access Manager Docker could allow a remote attacker to obtain sensitive information."
The affected software in this vulnerability is IBM Security Verify Access Docker version 10.0.0.
The severity rating for this vulnerability is medium.
The CWE category associated with this vulnerability is CWE-209.
A remote attacker can exploit this vulnerability by obtaining sensitive information through a detailed technical error message returned in the browser.
The IBM X-Force ID for this vulnerability is 197973.
Yes, there are references available for this vulnerability. They can be found at the following links: [Reference 1](https://exchange.xforce.ibmcloud.com/vulnerabilities/197973), [Reference 2](https://www.ibm.com/support/pages/node/6471895).