IBM Security Verify Governance information disclosure
CVE-2022-22466

6.8MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Governance
Vendor: CVE Published:; 23 October 2023

What is CVE-2022-22466?

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222.

Affected Version(s)

Security Verify Governance 10.0

References

https://www.ibm.com/support/pages/node/7057377

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/225222

vdb-entry

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 23, 2023
Vulnerability Reserved
Jan 3, 2022