PT-2021-3237 · Ibm · Ibm Security Verify Access

Published

2021-05-31

Updated

2021-06-04

CVE-2021-20576

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions IBM Security Verify Access version 20.07

Description The issue is related to the incorrect clearance or release of resources in the system, which could allow a remote attacker to cause the application to crash by sending a specially crafted HTTP GET request. This could lead to a denial of service.

Recommendations For IBM Security Verify Access version 20.07, consider restricting access to the application to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit the ability of remote attackers to send crafted HTTP requests to the application. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Resource Release

Stack Overflow

Insecure Storage of Sensitive Information

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-121CWE-922CWE-787

Related Identifiers

BDU:2021-02948

BDU:2021-02949

BDU:2021-02956

CVE-2021-20576

Affected Products

Ibm Security Verify Access

PT-2021-3237 · Ibm · Ibm Security Verify Access

CVE-2021-20576

Weakness Enumeration

Related Identifiers

Affected Products

References · 8