CVE-2021-38859

Name of the Vulnerable Software and Affected Versions IBM Security Verify Privilege On-Premises version 11.5

Description The issue allows a user to obtain version number information using a specially crafted HTTP request, which could be used in further attacks against the system.

Recommendations For IBM Security Verify Privilege On-Premises version 11.5, consider restricting access to sensitive information and limiting the use of HTTP requests until a patch is available. As a temporary workaround, review and monitor system logs for suspicious activity related to version number information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.