Clear Text Credential Transmission in IBM Security Verify Governance 10.0.2
CVE-2023-35017
5.9MEDIUM
Summary
IBM Security Verify Governance 10.0.2 contains a vulnerability where user credentials are transmitted in clear text. This transmission is susceptible to interception by attackers utilizing man-in-the-middle techniques, posing a significant risk to user data integrity and confidentiality. It is crucial for organizations using this product to implement security measures that protect sensitive information from unauthorized access.
Affected Version(s)
Security Verify Governance 10.0.2
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved