Security Verify Access Security Vulnerabilities and Issues — Security Verify Access CVE List

Lucene search

IbmSecurity Verify Access

13 matches found

CVE•added 2023/10/14 4:15 p.m.•80 views

CVE-2022-43868

IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445.

5.3CVSS4.9AI score0.00059EPSS

CVE•added 2024/06/27 4:15 p.m.•57 views

CVE-2023-30430

IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. IBM X-Force ID: 252183.

5.5CVSS5AI score0.00029EPSS

CVE•added 2021/07/15 6:15 p.m.•56 views

CVE-2021-20498

IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requests that could be used in further attacks against the system. IBM X-Force ID: 197972.

5.3CVSS5.9AI score0.00163EPSS

CVE•added 2024/06/27 4:15 p.m.•51 views

CVE-2024-31883

IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption. IBM X-Force ID: 287615.

5.9CVSS5.3AI score0.00061EPSS

CVE•added 2022/07/08 6:15 p.m.•50 views

CVE-2022-22370

IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00215EPSS

CVE•added 2024/01/11 3:15 a.m.•45 views

CVE-2023-31001

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653.

5.5CVSS5AI score0.00028EPSS

CVE•added 2020/10/12 1:15 p.m.•44 views

CVE-2020-4661

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186142.

5.3CVSS4.9AI score0.00107EPSS

CVE•added 2025/06/11 3:15 p.m.•37 views

CVE-2025-0163

IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts.

5.3CVSS6.8AI score0.00048EPSS

CVE•added 2021/06/01 2:15 p.m.•35 views

CVE-2021-20585

IBM Security Verify Access 20.07 could disclose sensitive information in HTTP server headers that could be used in further attacks against the system. IBM X-Force ID: 199398.

5.3CVSS4.9AI score0.00163EPSS

CVE•added 2020/10/12 1:15 p.m.•31 views

CVE-2020-4660

5.3CVSS4.9AI score0.00123EPSS

CVE•added 2022/01/10 2:10 p.m.•31 views

CVE-2021-38895

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.3AI score0.00346EPSS

CVE•added 2022/01/10 2:10 p.m.•31 views

CVE-2021-38956

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038

5.3CVSS5.2AI score0.0014EPSS

CVE•added 2020/10/12 1:15 p.m.•29 views

CVE-2020-4699

5.3CVSS4.9AI score0.00107EPSS