First published: Tue Sep 14 2021(Updated: )
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Verify Access | <=10.0.0 | |
IBM Security Verify Access | =10.0.0 | |
IBM Security Verify Access | =10.0.1.0 | |
IBM Security Verify Access | =10.0.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2021-38956.
The severity rating of CVE-2021-38956 is medium with a value of 5.3.
CVE-2021-38956 may disclose sensitive version information in HTTP response headers, which could aid in further attacks against the system.
IBM Security Verify Access versions 10.0.0, 10.0.1.0, and 10.0.2.0 are affected by CVE-2021-38956.
IBM has not provided a specific fix for CVE-2021-38956, but recommends applying the latest patches and updates for IBM Security Verify Access to mitigate the vulnerability.