PT-2021-14024 · IBM · IBM Security Verify Access Docker

Published: 2021-07-15 · Updated: 2021-09-29 · CVE-2021-20534

CVSS v2.0: 4.9 (Medium)
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Docker version 10.0.0
Description: A remote attacker could conduct phishing attacks using an open redirect attack. The attacker could persuade a victim to visit a specially crafted Web site, exploiting this issue to spoof the URL displayed and redirect the user to a malicious Web site that appears trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Recommendations: For IBM Security Verify Access Docker version 10.0.0, consider restricting access to the affected Docker instance until a patch is available. As a temporary workaround, avoid using links from untrusted sources to minimize the risk of exploitation.

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2021-20534

Affected Products

IBM Security Verify Access Docker