CVE Vulnerabilities

CVE-2021-20396

Insecure Storage of Sensitive Information

Published: Jun 11, 2021 | Modified: Jun 21, 2021
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009.

Weakness

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

Affected Software

Name Vendor Start Version End Version
Security_qradar_analyst_workflow Ibm 1.0 *

References