Security Verify Governance Security Vulnerabilities and Issues — Security Verify Governance CVE List

Lucene search

IbmSecurity Verify Governance

5 matches found

CVE•added 2025/06/06 2:15 a.m.•52 views

CVE-2024-22330

IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

9.8CVSS5.6AI score0.00046EPSS

CVE•added 2025/01/29 2:15 a.m.•46 views

CVE-2023-33838

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

4.9CVSS4.7AI score0.0001EPSS

CVE•added 2025/04/09 2:15 p.m.•43 views

CVE-2023-33844

IBM Security Verify Governance 10.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.3AI score0.00019EPSS

CVE•added 2025/01/29 12:15 a.m.•43 views

CVE-2023-35017

IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques.

5.9CVSS5.6AI score0.00009EPSS

CVE•added 2025/08/28 3:15 a.m.•7 views

CVE-2025-36003

IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system.

7.5CVSS5.8AI score0.00047EPSS