CVE-2022-33160
- EPSS 0.03%
- Published 06.10.2023 22:15:11
- Last modified 21.11.2024 07:07:37
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568.
CVE-2022-33166
- EPSS 0.06%
- Published 15.06.2023 03:15:10
- Last modified 21.11.2024 07:07:38
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586.
CVE-2022-32752
- EPSS 0.08%
- Published 15.06.2023 03:15:09
- Last modified 21.11.2024 07:06:53
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.
CVE-2022-32757
- EPSS 0.04%
- Published 15.06.2023 03:15:09
- Last modified 21.11.2024 07:06:54
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 228510.
CVE-2022-33159
- EPSS 0.04%
- Published 15.06.2023 02:15:09
- Last modified 21.11.2024 07:07:37
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567.
CVE-2022-33163
- EPSS 0.03%
- Published 15.06.2023 02:15:09
- Last modified 21.11.2024 07:07:37
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571.
CVE-2022-33168
- EPSS 0.05%
- Published 15.06.2023 02:15:09
- Last modified 21.11.2024 07:07:38
IBM Security Directory Suite VA 8.0.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 228588.