Security Verify Access
Sign in to watchby IBM
CVEs (25)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-49805 | 0.00 | — | 0.00 | Nov 29, 2024 | IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | ||
| CVE-2024-49803 | 0.00 | — | 0.01 | Nov 29, 2024 | IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | ||
| CVE-2023-30430 | 0.00 | — | 0.00 | Jun 27, 2024 | IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. IBM X-Force ID: 252183. | ||
| CVE-2024-31883 | 0.00 | — | 0.00 | Jun 27, 2024 | IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption. IBM X-Force ID: 287615. | ||
| CVE-2023-38267 | 0.00 | — | 0.00 | Jan 11, 2024 | IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 260584. |
Page 2 of 2