Vulnerabilities > IBM > Security Verify Access
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-10 | CVE-2024-31871 | Unspecified vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Python scripts due to improper certificate validation. | 8.1 |
| 2024-04-10 | CVE-2024-31872 | Unspecified vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation. | 8.1 |
| 2024-04-10 | CVE-2024-31873 | Unspecified vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which it uses for its own inbound authentication that could be obtained by a malicious actor. | 7.5 |
| 2024-04-10 | CVE-2024-31874 | Use of Uninitialized Resource vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.7 uses uninitialized variables when deploying that could allow a local user to cause a denial of service. | 5.5 |
| 2024-03-31 | CVE-2024-25027 | Unspecified vulnerability in IBM Security Verify Access 10.0.6 IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. | 5.5 |
| 2024-02-07 | CVE-2023-32328 | Unspecified vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. | 9.8 |
| 2024-02-07 | CVE-2023-32330 | Improper Certificate Validation vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. | 9.8 |
| 2024-02-07 | CVE-2023-43017 | Unspecified vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. | 7.2 |
| 2024-02-03 | CVE-2023-30999 | Unspecified vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. | 7.5 |
| 2024-02-03 | CVE-2023-31004 | Unspecified vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. | 9.0 |