Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Security Verify Governance  Security Vulnerabilities
CVE-2024-22330
IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-06-06
CVE-2023-33844
IBM Security Verify Governance 10.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-04-09
CVE-2023-33838
IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-01-29
CVE-2023-35017
IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an attacker using man in the middle techniques.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-01-29
CVE-2023-35888
IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 258375.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-03-20
CVE-2023-33840
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-10-23
CVE-2022-22466
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-10-23
CVE-2023-33837
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.
CVSS Score
4.1
EPSS Score
0.0
Published
2023-10-23
CVE-2023-33839
IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 256036.
CVSS Score
7.2
EPSS Score
0.001
Published
2023-10-23
CVE-2023-33836
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-10-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved