CVE-2023-31001 IBM Security Access Manager Container information disclosure

🗓️ 11 Jan 2024 02:44:33Reported by ibmType

IBM Security Access Manager Container information disclosure CVE-2023-3100

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access	9 Feb 202420:04	–	ibm
BDU FSTEC	The vulnerability of the software protection tool for accessing applications in Docker environments. IBM Security Verify Access Docker, a access management system from IBM Security Verify Access, which involves storing passwords in a reversible format. This allows attackers to exploit the protected information.	23 Jan 202400:00	–	bdu_fstec
Circl	CVE-2023-31001	11 Jan 202404:32	–	circl
CNNVD	IBM Security Access Manager Appliance Security Vulnerability	11 Jan 202400:00	–	cnnvd
CVE	CVE-2023-31001	11 Jan 202402:44	–	cve
EUVD	EUVD-2023-35339	3 Oct 202520:07	–	euvd
NVD	CVE-2023-31001	11 Jan 202403:15	–	nvd
Packet Storm	IBM Security Verify Access 32 Vulnerabilities	4 Nov 202400:00	–	packetstorm
Prion	Code injection	11 Jan 202403:15	–	prion
RedhatCVE	CVE-2023-31001	23 May 202505:29	–	redhatcve

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Access Appliance",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.6.1",
        "status": "affected",
        "version": "10.0.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Access Docker",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.6.1",
        "status": "affected",
        "version": "10.0.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7106586
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/254653

11 Jan 2024 02:44Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.1

EPSS0.0021

CWE-257