First published: Tue May 18 2021(Updated: )
IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199997
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Identity Manager | =7.0.2 | |
IBM AIX | ||
Linux Linux kernel | ||
Microsoft Windows | ||
Oracle Solaris | ||
<=7.0.2 | ||
<=7.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2021-29682.
CVE-2021-29682 has a severity rating of 5.3, which is considered medium.
This vulnerability allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser, which could be used in further attacks against the system.
No, IBM AIX is not affected by CVE-2021-29682.
You can find more information about CVE-2021-29682 on the IBM X-Force ID page: https://exchange.xforce.ibmcloud.com/vulnerabilities/199997 and the IBM support page: https://www.ibm.com/support/pages/node/6454587.