IBM Security Verify Governance information disclosure
CVE-2023-33836

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Governance
Vendor: CVE Published:; 16 October 2023

What is CVE-2023-33836?

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016.

Affected Version(s)

Security Verify Governance 10.0

References

https://www.ibm.com/support/pages/node/7047640

vendor-advisory

https://https://exchange.xforce.ibmcloud.com/vulnerabilit...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2023
Vulnerability Reserved
May 23, 2023