Vulnerability: Password Manipulation in IBM Security Identity Manager 6.0.2

Vulnerability: Password Manipulation in IBM Security Identity Manager 6.0.2

CVE-2021-20488 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789.

Learn more about our User Device Pen Test.