Ibm: >> Security Verify Governance Security Vulnerabilities
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-12-22
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-12-22
IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 224989.
CVSS Score
2.3
EPSS Score
0.001
Published
2022-08-17
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.
CVSS Score
3.8
EPSS Score
0.002
Published
2022-07-14
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-07-14
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919.
CVSS Score
5.1
EPSS Score
0.001
Published
2022-07-14
IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in further attacks against the system. IBM X-Force ID: 225013.
CVSS Score
3.0
EPSS Score
0.003
Published
2022-07-14
Page 3