IBM Security Verify Governance, Identity Manager virtual appliance component information disclosure
CVE-2022-22462

3.7LOW

Key Information:

Vendor: IBM
Status: Security Verify Governance
Vendor: CVE Published:; 26 January 2023

Summary

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

Affected Version(s)

Security Verify Governance 10.0.1

References

https://www.ibm.com/support/pages/node/6857339

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/225078

vdb-entry

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 26, 2023
Vulnerability Reserved
Jan 3, 2022