Improper Storage of Plaintext Cryptographic Key in IBM Security Verify Information Queue 1.0.6 and 1.0.7

Improper Storage of Plaintext Cryptographic Key in IBM Security Verify Information Queue 1.0.6 and 1.0.7

CVE-2021-20408 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.

Learn more about our User Device Pen Test.