Vulnerabilities > IBM > Security Verify Access > 10.0.2

DATE CVE VULNERABILITY TITLE RISK
2024-02-03 CVE-2023-32329 Unspecified vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation.
local
low complexity
ibm
5.5
5.5
2024-02-03 CVE-2023-43016 Weak Password Requirements vulnerability in IBM products
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password.
network
low complexity
ibm CWE-521
7.3
7.3
2023-05-12 CVE-2023-25927 Unspecified vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system.
network
low complexity
ibm
7.5
7.5
2022-03-31 CVE-2022-22311 Improper Input Validation vulnerability in IBM Security Verify Access
IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.
network
high complexity
ibm CWE-20
6.5
6.5