Vulnerabilities > IBM > Security Directory Integrator > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-30 | CVE-2022-33167 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 7.5 |
2024-07-25 | CVE-2022-32759 | Unspecified vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information. | 7.5 |
2023-10-14 | CVE-2022-33165 | Path Traversal vulnerability in IBM Security Directory Integrator 7.2.0 IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. | 7.5 |