Severity

Medium

Analysis Summary

CVE-2021-29785 

IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

Impact

• Information Disclosure

Affected Vendors

IBM

Affected Products

• IBM Security SOAR 42
• IBM Security SOAR 43

Remediation

Refer to IBM Security Bulletin for patch, upgrade, or suggested workaround information.