IBM Security Verify Access OIDC Provider Vulnerability Could Disclose Sensitive Information
CVE-2024-22338
4MEDIUM
Summary
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. IBM X-Force ID: 279978.
Affected Version(s)
Security Verify Access OIDC Provider <= 23.03
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
LOW
Integrity:
NONE
Availability:
NONE
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Troy Fisher, Geoffrey Owden, Ben Goodspeed, Dawid Bak, Marcin Bortkiewicz