Lucene search

IbmCVELIST:CVE-2023-32328

HistoryFeb 07, 2024 - 4:07 p.m.

CVE-2023-32328 IBM Security Verify Access information disclosure

2024-02-0716:07:06

CWE-319

ibm

www.cve.org

ibm security verify access

information disclosure

insecure protocols

network attacker

control

ibm x-force id

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Access Appliance",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.6.1",
        "status": "affected",
        "version": "10.0.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Access Docker",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.6.1",
        "status": "affected",
        "version": "10.0.0.0",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/254657

www.ibm.com/support/pages/node/7106586

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.0%

JSON

Related for CVELIST:CVE-2023-32328