Lucene search
China National Vulnerability DatabaseCNVD-2022-54888HistoryJul 29, 2022 - 12:00 a.m.
IBM Security Verify Information Queue Information Disclosure Vulnerability (CNVD-2022-54888)
2022-07-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
0.001 Low
EPSS
Percentile
43.3%
IBM Security Verify Information Queue (using the acronym “ISIQ”) is a cross-product integrator that uses Kafka technology and a publish/subscribe model to integrate data between IBM Security products. Security Verify Information Queue is vulnerable to information disclosure in version 10.0.2. An information disclosure vulnerability exists due to a missing or insecure SameSite attribute of a sensitive cookie. An attacker could use the vulnerability to launch a targeted attack against the target and compromise site system security.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security verify information queue | eq | 10.0.2 |
Related
nvd
nvd
CVE-2022-35284
2022-07-25 18:23:11
cve
cve
CVE-2022-35284
2022-07-25 18:23:11
prion
prion
Information disclosure
2022-07-25 18:23:00
ibm
ibm
cvelist
cvelist
CVE-2022-35284
2022-07-22 00:00:00