PT-2020-18076 · Ibm · Ibm Security Verify Access

Chris Shepherd

Published

2020-08-04

Updated

2020-08-06

CVE-2020-4459

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Verify Access version 10.7

Description The issue concerns hard-coded credentials, including passwords or cryptographic keys, used by IBM Security Verify Access for inbound authentication, communication with external components, or internal data encryption.

Recommendations For IBM Security Verify Access version 10.7, update to a version that removes or properly secures the hard-coded credentials to prevent unauthorized access.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2020-4459

Affected Products

Ibm Security Verify Access

PT-2020-18076 · Ibm · Ibm Security Verify Access

CVE-2020-4459

Weakness Enumeration

Related Identifiers

Affected Products

References · 4