Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Security Verify Governance Security Vulnerabilities - 2023

cve
cve

CVE-2022-22462

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

7.5CVSS

7.1AI Score

0.001EPSS

2023-01-26 09:15 PM
44
cve
cve

CVE-2022-22466

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222.

9.8CVSS

9AI Score

0.001EPSS

2023-10-23 08:15 PM
37
cve
cve

CVE-2022-22470

IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.

5.5CVSS

5AI Score

0.0004EPSS

2023-01-09 08:15 AM
49
cve
cve

CVE-2023-33836

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.

9.8CVSS

8.9AI Score

0.001EPSS

2023-10-16 01:15 AM
46
cve
cve

CVE-2023-33837

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.

7.5CVSS

7.2AI Score

0.001EPSS

2023-10-23 08:15 PM
40
cve
cve

CVE-2023-33839

IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 256036.

8.8CVSS

8.5AI Score

0.001EPSS

2023-10-23 08:15 PM
36
cve
cve

CVE-2023-33840

IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037.

4.8CVSS

4.8AI Score

0.0004EPSS

2023-10-23 08:15 PM
30
cve
cve

CVE-2023-35013

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

4.4CVSS

4.1AI Score

0.0004EPSS

2023-10-16 12:15 AM
55
cve
cve

CVE-2023-35016

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257772.

6.5CVSS

6.2AI Score

0.001EPSS

2023-07-31 01:15 AM
44
cve
cve

CVE-2023-35018

IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382.

7.2CVSS

6.7AI Score

0.001EPSS

2023-10-16 12:15 AM
37
cve
cve

CVE-2023-35019

IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 257873.

8.8CVSS

8.4AI Score

0.001EPSS

2023-07-31 01:15 AM
33