Ibm

Security Verify Governance

28 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-33836

  • EPSS 0.06%
  • Published 16.10.2023 01:15:09
  • Last modified 21.11.2024 08:06:03

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Forc...

7.2

CVE-2023-35018

  • EPSS 0.07%
  • Published 16.10.2023 00:15:10
  • Last modified 21.11.2024 08:07:49

IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382.

4.4

CVE-2023-35013

  • EPSS 0.02%
  • Published 16.10.2023 00:15:10
  • Last modified 21.11.2024 08:07:49

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

8.8

CVE-2023-35019

  • EPSS 0.11%
  • Published 31.07.2023 01:15:09
  • Last modified 21.11.2024 08:07:50

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

6.5

CVE-2023-35016

  • EPSS 0.06%
  • Published 31.07.2023 01:15:09
  • Last modified 21.11.2024 08:07:49

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the sys...

7.5

CVE-2022-22462

  • EPSS 0.03%
  • Published 26.01.2023 21:15:29
  • Last modified 21.11.2024 06:46:50

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

5.5

CVE-2022-22470

  • EPSS 0.01%
  • Published 09.01.2023 08:15:11
  • Last modified 21.11.2024 06:46:51

IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.

5.3

CVE-2022-22449

  • EPSS 0.07%
  • Published 24.12.2022 00:15:08
  • Last modified 21.11.2024 06:46:49

IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the sy...

6.5

CVE-2022-22458

  • EPSS 0.04%
  • Published 22.12.2022 22:15:13
  • Last modified 21.11.2024 06:46:50

IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. IBM X-Force ID: 225009.

4.4

CVE-2022-22457

  • EPSS 0.01%
  • Published 22.12.2022 22:15:12
  • Last modified 21.11.2024 06:46:50

IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.