CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31887 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2024-31887
16 Apr 2024 — IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive information from the SOAP API. IBM X-Force ID: 287651. IBM Security Verify Privilege 11.6.25 podría permitir que un actor no autenticado obtenga información confidencial de la API SOAP. ID de IBM X-Force: 287651. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287651 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43890 – IBM Security Verify Privilege On-Premises information disclosure
https://notcve.org/view.php?id=CVE-2022-43890
04 Mar 2024 — IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240453. IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a través de una solicitud HTTP que podría ayudar a un atacante en futuros ataques contra el sistema. ID de IBM X-Force: 240453. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240453 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43891 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-43891
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/240454 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43892 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-43892
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a certificate which could disclose sensitive information which could aid further attacks against the system. IBM X-Force ID: 240455. IBM Security Verify Privilege On-Premises 11.5 no valida, o valida incorrectamente, un certificado que podría revelar información confidencial que podría contribuir a futuros ataques contra el System. ID de IBM X-Force: 240455. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240455 • CWE-295: Improper Certificate Validation •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43893 – IBM Security Verify Privilege denial of service
https://notcve.org/view.php?id=CVE-2022-43893
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634. IBM Security Verify Privilege On-Premises 11.5 podría permitir que un usuario privilegiado cause una vulnerabilidad por el consumo de recursos de un payload malicioso. ID de IBM X-Force: 240634. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240534 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43889 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-43889
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452. IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a través de una solicitud HTTP que podría ayudar a un atacante en futuros ataques contra el System. ID de IBM X-Force: 240452. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240452 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29913 – IBM Security Verify Privilege improper input validation
https://notcve.org/view.php?id=CVE-2021-29913
17 Oct 2023 — IBM Security Verify Privilege On-Premise 11.5 could allow an authenticated user to obtain sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 207898. IBM Security Verify Privilege On-Premise 11.5 podría permitir que un usuario autenticado obtenga información confidencial o realice acciones no autorizadas debido a una validación de entrada incorrecta. ID de IBM X-Force: 207898. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207898 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22380 – IBM Security Verify Privilege improper authentication
https://notcve.org/view.php?id=CVE-2022-22380
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante falsificar una entidad de confianza debido a una validación incorrecta de los certificados. ID de IBM X-Force: 221957. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221957 • CWE-295: Improper Certificate Validation •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22375 – IBM Security Verify Privilege command execution
https://notcve.org/view.php?id=CVE-2022-22375
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681. IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el System enviando una solicitud especialmente manipulada. ID de IBM X-Force: 221681. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221681 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-20581 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2021-20581
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información confidencial debido a una expiración insuficiente de la sesión. ID de IBM X-Force: 199324. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199324 • CWE-613: Insufficient Session Expiration •