Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33837 | 1 Ibm | 1 Security Verify Governance | 2024-09-19 | N/A | 7.5 HIGH |
| IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020. | |||||
| CVE-2023-35019 | 1 Ibm | 1 Security Verify Governance | 2024-02-05 | N/A | 8.8 HIGH |
| IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873. | |||||
| CVE-2023-35016 | 1 Ibm | 1 Security Verify Governance | 2024-02-05 | N/A | 6.5 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772. | |||||
| CVE-2022-22460 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-02-04 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013. | |||||
| CVE-2022-22452 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-02-04 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918. | |||||
| CVE-2022-22453 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-02-04 | N/A | 7.5 HIGH |
| IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919. | |||||
| CVE-2022-22455 | 1 Ibm | 1 Security Verify Governance | 2024-02-04 | N/A | 9.8 CRITICAL |
| IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989. | |||||
| CVE-2022-22450 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2024-02-04 | N/A | 3.8 LOW |
| IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916. | |||||