Vulnerabilities > IBM > Security Verify Access

DATE CVE VULNERABILITY TITLE RISK
2024-08-29 CVE-2024-35133 Open Redirect vulnerability in IBM products
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
8.2
2024-07-25 CVE-2022-32759 Unspecified vulnerability in IBM products
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information.
network
low complexity
ibm
7.5
2024-07-25 CVE-2024-28772 Unspecified vulnerability in IBM products
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
2024-06-27 CVE-2023-30430 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs.
local
low complexity
ibm
5.5
2024-06-27 CVE-2024-31883 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption.
network
high complexity
ibm
5.9
2024-03-31 CVE-2024-25027 Unspecified vulnerability in IBM Security Verify Access 10.0.6
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption.
local
low complexity
ibm
5.5
2024-02-07 CVE-2023-32328 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server.
network
low complexity
ibm
critical
9.8
2024-02-07 CVE-2023-32330 Improper Certificate Validation vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server.
network
low complexity
ibm CWE-295
critical
9.8
2024-02-07 CVE-2023-43017 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access.
network
low complexity
ibm
7.2
2024-02-03 CVE-2023-30999 Unspecified vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption.
network
low complexity
ibm
7.5