Weak Cryptographic Algorithms in IBM Security Verify Identity Manager
CVE-2022-22453

5.1MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Governance
Vendor: CVE Published:; 13 July 2022

Summary

IBM Security Verify Identity Manager 10.0 employs cryptographic algorithms that are weaker than expected, potentially enabling an attacker to decrypt sensitive information. This vulnerability compromises data integrity and confidentiality, posing significant risks to organizations relying on secure identity management solutions.

Affected Version(s)

Security Verify Governance 10.0

References

https://www.ibm.com/support/pages/node/6603405

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/224919

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 13, 2022
Vulnerability Reserved
Jan 3, 2022