mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
90 lines
2.7 KiB
JSON
90 lines
2.7 KiB
JSON
{
|
|
"data_format": "MITRE",
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"value": "Gain Access",
|
|
"lang": "eng"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2021-20488",
|
|
"STATE": "PUBLIC",
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"DATE_PUBLIC": "2021-06-15T00:00:00"
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.ibm.com/support/pages/node/6464081",
|
|
"url": "https://www.ibm.com/support/pages/node/6464081",
|
|
"refsource": "CONFIRM",
|
|
"title": "IBM Security Bulletin 6464081 (Security Identity Manager)"
|
|
},
|
|
{
|
|
"name": "ibm-sim-cve202120488-gain-access (197789)",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197789",
|
|
"refsource": "XF",
|
|
"title": "X-Force Vulnerability Report"
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Security Identity Manager",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "6.0.2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "IBM"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"impact": {
|
|
"cvssv3": {
|
|
"TM": {
|
|
"E": "U",
|
|
"RL": "O",
|
|
"RC": "C"
|
|
},
|
|
"BM": {
|
|
"AV": "N",
|
|
"C": "H",
|
|
"PR": "L",
|
|
"SCORE": "7.500",
|
|
"UI": "N",
|
|
"A": "H",
|
|
"S": "U",
|
|
"AC": "H",
|
|
"I": "H"
|
|
}
|
|
}
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789."
|
|
}
|
|
]
|
|
}
|
|
} |