Vulnerabilities > IBM > Security Directory Integrator > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-30 CVE-2022-33167 Incorrect Permission Assignment for Critical Resource vulnerability in IBM products
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag.
network
low complexity
ibm CWE-732
7.5
2024-07-25 CVE-2022-32759 Unspecified vulnerability in IBM products
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information.
network
low complexity
ibm
7.5
2023-10-14 CVE-2022-33165 Path Traversal vulnerability in IBM Security Directory Integrator 7.2.0
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5