Vulnerabilities > IBM > Security Directory Suite

DATE CVE VULNERABILITY TITLE RISK
2023-10-14 CVE-2022-32755 XXE vulnerability in IBM products
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
critical
9.1
2023-10-14 CVE-2022-33161 Missing Encryption of Sensitive Data vulnerability in IBM products
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-311
5.9