Vulnerabilities > IBM > Security Verify Access > 10.0.2.0

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-38921 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2022-01-10 CVE-2021-38956 Information Exposure vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system.
network
low complexity
ibm CWE-200
5.3
5.3
2022-01-10 CVE-2021-38957 Improper Input Validation vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation.
network
low complexity
ibm CWE-20
7.5
7.5