CVE-2021-38957 LOW

CVE-2021-38957

Vendor Ibm
Product Security Verify Access
Published January 7, 2022
Last update September 17, 2024

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/S:U/PR:N/UI:R/AV:N/I:N/C:L/AC:H/A:N/E:U/RL:O/RC:C

What the vulnerability does

01Description

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040.

Key dates

02Disclosure timeline

January 7, 2022 CVE published
September 17, 2024 Record updated