Lucene search
K
IbmSecurity Verify Bridge

7 matches found

CVE
CVE
added 2025/01/23 5:31 p.m.63 views

CVE-2024-45672

CVE-2024-45672 affects IBM Security Verify Bridge versions 1.0.0–1.0.15. The issue arises from excessive privileges granted to the agent, enabling a local privileged user to overwrite files and potentially cause a denial of service (CWE-471). The vulnerability is described with a CVSSv3.1 base sc...

6CVSS5.8AI score0.00142EPSS
CVE
CVE
added 2021/09/23 4:5 p.m.52 views

CVE-2021-38863

Summary: CVE-2021-38863 affects IBM Security Verify Bridge 1.0.5.0 and involves storing user credentials in plaintext, readable by a locally authenticated user. The publicly referenced sources (NVD/CNVD/CNNVD) confirm plaintext credential exposure and cite an accompanying impact of high confident...

6.5CVSS5.3AI score0.0022EPSS
CVE
CVE
added 2021/09/23 5:10 p.m.45 views

CVE-2021-20434

CVE-2021-20434 affects IBM Security Verify Bridge. The vulnerability arises because Verify Bridge 1.0.5.0 stores user credentials in plain clear text, allowing a local attacker to read credentials. The IBM and CNVD entries corroborate an information disclosure vector with a local attack surface, ...

4.4CVSS4.6AI score0.00207EPSS
CVE
CVE
added 2021/03/03 5:0 p.m.44 views

CVE-2021-20442

CVE-2021-20442 affects IBM Security Verify Bridge (ISVB). The issue is hard-coded credentials, including a hard-coded key used to encrypt the client secret, meaning all ISVB deployments prior to the fix rely on a shared credential. IBM notes that as of v1.0.5 ISVB re-implements its obfuscation so...

7.5CVSS7.4AI score0.00952EPSS
CVE
CVE
added 2021/09/23 5:10 p.m.44 views

CVE-2021-38864

IBM Security Verify Bridge 1.0.5.0 is affected by an information-disclosure vulnerability due to improper certificate validation. The issue could allow a user to obtain sensitive information over the network. IBM’s security bulletin indicates fixes in a later release (v1.0.7), so upgrading to IBM...

7.5CVSS7AI score0.00683EPSS
CVE
CVE
added 2021/09/23 5:10 p.m.41 views

CVE-2021-20435

The CVE-2021-20435 issue affects IBM Security Verify Bridge 1.0.5.0, where improper certificate validation can allow a local attacker to disclose sensitive information. The vulnerability arises from failing to properly validate certificates, enabling information disclosure that could aid further ...

5.5CVSS5.2AI score0.00127EPSS
CVE
CVE
added 2021/03/03 5:0 p.m.36 views

CVE-2021-20441

CVE-2021-20441 affects IBM Security Verify Bridge. The issue stems from use of weaker-than-expected cryptographic algorithms, including defaulting to TLS 1.0 when no TLS preference is specified and an older random number generator during LDAP bind authentication. This could allow an attacker to d...

5.9CVSS5.5AI score0.0073EPSS