Ibm: >> Security Verify Information Queue >> 10.0.2 Security Vulnerabilities
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814.
CVSS Score
3.1
EPSS Score
0.0
Published
2022-07-26
IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 230817.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-07-25
IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 230818.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-07-25
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230812.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-07-25
IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-07-25
IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-07-14