CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22380 – IBM Security Verify Privilege improper authentication
https://notcve.org/view.php?id=CVE-2022-22380
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un atacante falsificar una entidad de confianza debido a una validación incorrecta de los certificados. ID de IBM X-Force: 221957. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221957 https://www.ibm.com/support/pages/node/7047202 • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22375 – IBM Security Verify Privilege command execution
https://notcve.org/view.php?id=CVE-2022-22375
IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681. IBM Security Verify Privilege On-Premises 11.5 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el System enviando una solicitud especialmente manipulada. ID de IBM X-Force: 221681. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221681 https://www.ibm.com/support/pages/node/7047202 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-20581 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2021-20581
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 199324. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información confidencial debido a una expiración insuficiente de la sesión. ID de IBM X-Force: 199324. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199324 https://www.ibm.com/support/pages/node/7047202 • CWE-613: Insufficient Session Expiration •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38859 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2021-38859
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain version number information using a specially crafted HTTP request that could be used in further attacks against the system. IBM X-Force ID: 207899. IBM Security Verify Privilege On-Premises 11.5 podría permitir a un usuario obtener información del número de versión mediante una solicitud HTTP especialmente manipulada que podría usarse en futuros ataques contra el System. ID de IBM X-Force: 207899. • https://exchange.xforce.ibmcloud.com/vulnerabilities/207899 https://www.ibm.com/support/pages/node/7047202 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22385 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2022-22385
IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962. IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a un atacante debido a la transmisión de datos en texto plano. ID de IBM X-Force: 221962. • https://exchange.xforce.ibmcloud.com/vulnerabilities/221962 https://www.ibm.com/support/pages/node/7047202 • CWE-319: Cleartext Transmission of Sensitive Information •