VYPR

Security Verify Governance

by IBM

CVEs (28)

  • CVE-2023-33838MedJan 29, 2025
    risk 0.29cvss 4.4epss 0.00

    IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

  • CVE-2023-33837MedOct 23, 2023
    risk 0.27cvss 4.1epss 0.00

    IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.

  • CVE-2022-22470MedJan 9, 2023
    risk 0.27cvss 4.1epss 0.00

    IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.

  • CVE-2022-22456MedDec 22, 2022
    risk 0.27cvss 4.2epss 0.00

    IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a…

  • CVE-2022-22450LowJul 14, 2022
    risk 0.25cvss 3.8epss 0.01

    IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.

  • CVE-2022-22462LowJan 26, 2023
    risk 0.24cvss 3.7epss 0.00

    IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

  • CVE-2023-35018LowOct 16, 2023
    risk 0.21cvss 3.3epss 0.00

    IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382.

  • CVE-2023-35013LowOct 16, 2023
    risk 0.15cvss 2.3epss 0.00

    IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

Page 2 of 2