CVE-2021-38956
CVE-2021-38956
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
07 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038
CVSS:3.0/AC:L/C:L/I:N/A:N/S:U/UI:N/PR:N/AV:N/RC:C/RL:O/E:U
Affected products
IBM · Security Verify Access