VYPR

Security Verify Access Appliance and Container

by IBM

CVEs (6)

  • CVE-2024-35138MedFeb 4, 2025
    risk 0.42cvss 6.5epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

  • CVE-2024-40700MedFeb 4, 2025
    risk 0.40cvss 6.1epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…

  • CVE-2024-43187MedFeb 4, 2025
    risk 0.38cvss 5.9epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

  • CVE-2024-45659MedFeb 4, 2025
    risk 0.34cvss 5.3epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.

  • CVE-2024-45657MedFeb 4, 2025
    risk 0.33cvss 5.0epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.

  • CVE-2024-45658LowFeb 4, 2025
    risk 0.18cvss 2.7epss 0.00

    IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.