CVE-2021-20411

HIGH

IBM Security Verify Information Queue <1.0.8 - Privilege Escalation

Title source: llm

Description

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.

References (2)

[Patch, Vendor Advisory] https://www.ibm.com/support/pages/node/6414777

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/196191

Scores

CVSS v3 8.1

EPSS 0.0008

EPSS Percentile 24.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-669

Status published

Products (2)

ibm/security_verify_information_queue 1.0.6

ibm/security_verify_information_queue 1.0.7

Published Feb 12, 2021

Tracked Since Feb 18, 2026