IBM Security Verify Governance information disclosure
CVE-2023-33837
7.5HIGH
Summary
IBM Security Verify Governance 10.0 lacks sufficient encryption for sensitive and critical information during both storage and transmission, which poses a serious risk of unauthorized access to confidential data. The absence of proper encryption mechanisms may expose users to data breaches. Organizations using this product are advised to take immediate action to mitigate potential risks.
Affected Version(s)
Security Verify Governance 10.0
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved