PT-2022-10820 · Ibm · Ibm Security Verify

Published

2022-01-07

·

Updated

2022-01-13

·

CVE-2021-38957

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Security Verify versions 10.0.0 through 10.0.2.0
Description The issue is related to hazardous input validation during QR code generation, which could disclose sensitive information.
Recommendations For versions 10.0.0 through 10.0.2.0, update to a version that includes a fix for the hazardous input validation issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2021-38957

Affected Products

Ibm Security Verify