Security Directory Suite VA
by IBM
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33160 | 0.00 | — | 0.00 | Oct 6, 2023 | IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568. | |||
| CVE-2022-32752 | 0.00 | — | 0.01 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439. | |||
| CVE-2022-32757 | 0.00 | — | 0.01 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 228510. | |||
| CVE-2022-33166 | 0.00 | — | 0.01 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586. | |||
| CVE-2022-33159 | 0.00 | — | 0.00 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567. | |||
| CVE-2022-33168 | 0.00 | — | 0.01 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 228588. | |||
| CVE-2022-33163 | 0.00 | — | 0.01 | Jun 15, 2023 | IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571. |
- CVE-2022-33160Oct 6, 2023risk 0.00cvss —epss 0.00
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568.
- CVE-2022-32752Jun 15, 2023risk 0.00cvss —epss 0.01
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.
- CVE-2022-32757Jun 15, 2023risk 0.00cvss —epss 0.01
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 228510.
- CVE-2022-33166Jun 15, 2023risk 0.00cvss —epss 0.01
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586.
- CVE-2022-33159Jun 15, 2023risk 0.00cvss —epss 0.00
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567.
- CVE-2022-33168Jun 15, 2023risk 0.00cvss —epss 0.01
IBM Security Directory Suite VA 8.0.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 228588.
- CVE-2022-33163Jun 15, 2023risk 0.00cvss —epss 0.01
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571.