Privilege Escalation in IBM Security Verify Governance Identity Manager
CVE-2022-22455

2.3LOW

Key Information:

Vendor: IBM
Status: Security Verify Governance
Vendor: CVE Published:; 17 August 2022

Summary

The IBM Security Verify Governance Identity Manager 10.0 virtual appliance contains a vulnerability that allows operations to be executed at a privilege level exceeding the necessary minimum. This flaw may result in the introduction of new weaknesses or exacerbate the effects of existing vulnerabilities, posing a significant security risk to organizations utilizing this identity management product.

Affected Version(s)

Security Verify Governance 10.0

References

https://www.ibm.com/support/pages/node/6612733

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/224989

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 17, 2022
Vulnerability Reserved
Jan 3, 2022