Security Verify Information Queue
by IBM
CVEs (36)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-4284 | Med | 0.35 | 5.3 | 0.01 | Apr 8, 2020 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176207. | ||
| CVE-2020-4292 | Med | 0.35 | 5.3 | 0.01 | Mar 2, 2020 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information. IBM X-Force ID: 176335. | ||
| CVE-2019-4219 | Med | 0.35 | 5.3 | 0.01 | Jun 6, 2019 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 159228. | ||
| CVE-2023-33835 | Med | 0.28 | 4.3 | 0.01 | Aug 31, 2023 | IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 256015. | ||
| CVE-2023-33834 | Med | 0.28 | 4.3 | 0.01 | Aug 31, 2023 | IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-force ID: 256014. | ||
| CVE-2020-4291 | Med | 0.28 | 4.3 | 0.01 | Apr 8, 2020 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176334. | ||
| CVE-2020-4282 | Med | 0.28 | 4.3 | 0.01 | Apr 8, 2020 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Force ID: 176205. | ||
| CVE-2019-4218 | Low | 0.21 | 3.3 | 0.00 | Jun 6, 2019 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227. | ||
| CVE-2019-4161 | Low | 0.21 | 3.3 | 0.00 | Jun 6, 2019 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 158660. | ||
| CVE-2023-33833 | Low | 0.19 | 2.9 | 0.00 | Aug 31, 2023 | IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013. | ||
| CVE-2021-20402 | Low | 0.18 | 2.7 | 0.01 | Feb 11, 2021 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196076. | ||
| CVE-2020-4164 | Low | 0.18 | 2.7 | 0.01 | Apr 8, 2020 | IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400. | ||
| CVE-2021-20406 | Low | 0.14 | 2.2 | 0.00 | Feb 12, 2021 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184. | ||
| CVE-2024-45671 | 0.00 | — | 0.00 | Sep 10, 2025 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | |||
| CVE-2024-45669 | 0.00 | — | 0.00 | Sep 10, 2025 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a remote user to cause a denial of service due to improper handling of special characters that could lead to uncontrolled resource consumption. | |||
| CVE-2024-47120 | 0.00 | — | 0.00 | Sep 10, 2025 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges. |
- risk 0.35cvss 5.3epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176207.
- risk 0.35cvss 5.3epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information. IBM X-Force ID: 176335.
- risk 0.35cvss 5.3epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 159228.
- risk 0.28cvss 4.3epss 0.01
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 256015.
- risk 0.28cvss 4.3epss 0.01
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-force ID: 256014.
- risk 0.28cvss 4.3epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176334.
- risk 0.28cvss 4.3epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Force ID: 176205.
- risk 0.21cvss 3.3epss 0.00
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227.
- risk 0.21cvss 3.3epss 0.00
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 158660.
- risk 0.19cvss 2.9epss 0.00
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013.
- risk 0.18cvss 2.7epss 0.01
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196076.
- risk 0.18cvss 2.7epss 0.01
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400.
- risk 0.14cvss 2.2epss 0.00
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184.
- CVE-2024-45671Sep 10, 2025risk 0.00cvss —epss 0.00
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
- CVE-2024-45669Sep 10, 2025risk 0.00cvss —epss 0.00
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a remote user to cause a denial of service due to improper handling of special characters that could lead to uncontrolled resource consumption.
- CVE-2024-47120Sep 10, 2025risk 0.00cvss —epss 0.00
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges.
Page 2 of 2