CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38859 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2021-38859
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información del número de versión mediante una solicitud HTTP especialmente manipulada que podría usarse en futuros ataques contra el System. ID de IBM X-Force: 207899. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207899 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22385 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-22385
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962. IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a un atacante debido a la transmisión de datos en texto plano. ID de IBM X-Force: 221962. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221962 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22386 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-22386
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221963. IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto obtenga información confidencial, causada por no habilitar correctamente HTTP Strict Transport Security. U... • https://exchange.xforce.ibmcloud.com/vulnerabilities/221963 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22384 – IBM Security Verify Privilege improper input validation
https://notcve.org/view.php?id=CVE-2022-22384
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to modify messages returned from the server due to hazardous input validation. IBM X-Force ID: 221961. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante modificar los mensajes devueltos por el servidor debido a una validación de entrada peligrosa. ID de IBM X-Force: 221961. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221961 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22377 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-22377
17 Oct 2023 — IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 221827. IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto obtenga información confidencial, causada por no habilitar correctamente HTTP Strict Transport Security. U... • https://exchange.xforce.ibmcloud.com/vulnerabilities/221827 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4610
https://notcve.org/view.php?id=CVE-2020-4610
25 Jun 2021 — IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919. IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) podría permitir a un usuario local ejecutar código debido a comprobaciones de integridad inadecuadas. ID de IBM X-Force: 184919 • https://exchange.xforce.ibmcloud.com/vulnerabilities/184919 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4609
https://notcve.org/view.php?id=CVE-2020-4609
25 Jun 2021 — IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917. IBM Security Sevret Server (IBM Security Verify Privilege Manager versión 10.8.2) es vulnerable a un desbordamiento de búfer, causado por una comprobación inapropiada de límites. Un atacante local podría desbordar un búfer y ejecu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/184917 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4606
https://notcve.org/view.php?id=CVE-2020-4606
08 Jan 2021 — IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A local attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 184883. IBM Security Verify Privilege Manager versión 10.8, es vulnerable a un ataque de Inyección de Entidad Externa XML (XXE) al procesar datos XML. Un atacante local podría explotar esta vulnerabilidad para exponer información confidencial o con... • https://exchange.xforce.ibmcloud.com/vulnerabilities/184883 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4607
https://notcve.org/view.php?id=CVE-2020-4607
29 Sep 2020 — IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884. IBM Security Secret Server (IBM Security Verify Privilege Vault Remote versión 1.2), podría permitir a un usuario local omitir restricciones de seguridad debido a una comprobación de entrada inapropiada. IBM X-Force ID: 184884 • https://exchange.xforce.ibmcloud.com/vulnerabilities/184884 • CWE-20: Improper Input Validation •