Vulnerabilities > IBM > Security Verify Information Queue > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-33834 Information Exposure Through an Error Message vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system.
network
low complexity
ibm CWE-209
5.3
2022-07-25 CVE-2022-35288 Unspecified vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system.
network
low complexity
ibm
6.5
2022-07-14 CVE-2022-35283 Unspecified vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request.
network
low complexity
ibm
6.5
2021-02-12 CVE-2021-20410 Insufficiently Protected Credentials vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7
IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques.
network
high complexity
ibm CWE-522
5.3
2021-02-12 CVE-2021-20408 Cleartext Storage of Sensitive Information vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key.
local
low complexity
ibm CWE-312
5.5
2021-02-12 CVE-2021-20406 Unspecified vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
4.9
2021-02-11 CVE-2021-20404 Unspecified vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could prevent future logins.
network
low complexity
ibm
5.3