Security Verify Governance@10.0.2 Security Vulnerabilities and Issues — Security Verify Governance@10.0.2 CVE List

Lucene search

IbmSecurity Verify Governance10.0.2

5 matches found

CVE•added 2024/03/20 2:15 p.m.•73 views

CVE-2023-35888

IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ...

5.9CVSS5.4AI score0.00015EPSS

CVE•added 2025/06/06 2:15 a.m.•49 views

CVE-2024-22330

IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

9.8CVSS5.6AI score0.00044EPSS

CVE•added 2025/01/29 2:15 a.m.•44 views

CVE-2023-33838

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

4.9CVSS4.7AI score0.0001EPSS

CVE•added 2025/04/09 2:15 p.m.•41 views

CVE-2023-33844

IBM Security Verify Governance 10.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.3AI score0.00036EPSS

CVE•added 2025/01/29 12:15 a.m.•41 views

CVE-2023-35017

IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques.

5.9CVSS5.6AI score0.00009EPSS