Weaker Cryptographic Algorithms in IBM Security Verify Directory 10.0.0 Could Leave Sensitive Information Vulnerable to Decryption
CVE-2022-32753

4.5MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Directory
Vendor: CVE Published:; 22 March 2024

What is CVE-2022-32753?

IBM Security Verify Directory 10.0.0 is reported to utilize cryptographic algorithms that do not meet expected security standards. This weakness can potentially enable unauthorized entities to decrypt sensitive data and compromise the confidentiality of user information. The vulnerability highlights the importance of implementing robust cryptographic measures to protect against potential breaches. Users of IBM Security Verify Directory should review their security protocols and consider applying any recommended patches or updates to mitigate risks associated with this vulnerability.

Affected Version(s)

Security Verify Directory 10.0.0

References

https://www.ibm.com/support/pages/node/7145001

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/228444

vdb-entry

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 22, 2024
Vulnerability Reserved
Jun 9, 2022