Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm security directory suite 8.0.1 vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2022-32755
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228505.
Ibm Security Directory Server 6.4.0.0
Ibm Security Verify Directory 10.0.0
Ibm Security Directory Suite 8.0.1
5.9
CVSSv3
CVE-2022-33161
IBM Security Directory Server 6.4.0 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle t...
Ibm Security Directory Server 6.4.0.0
Ibm Security Directory Integrator 7.2.0
Ibm Security Verify Directory 10.0.0
Ibm Security Directory Suite 8.0.1
7.5
CVSSv3
CVE-2022-33160
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 228568.
Ibm Security Directory Suite Va 8.0.1
8.1
CVSSv3
CVE-2022-33163
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571.
Ibm Security Directory Suite Va 8.0.1
7.5
CVSSv3
CVE-2022-33168
IBM Security Directory Suite VA 8.0.1 could allow an malicious user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 228588.
Ibm Security Directory Suite Va 8.0.1
6.5
CVSSv3
CVE-2022-33159
IBM Security Directory Suite VA 8.0.1 up to and including 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567.
Ibm Security Directory Suite Va
7.5
CVSSv3
CVE-2022-32757
IBM Security Directory Suite VA 8.0.1 up to and including 8.0.1.19 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 228510.
Ibm Security Directory Suite Va
8.8
CVSSv3
CVE-2022-32752
IBM Security Directory Suite VA 8.0.1 up to and including 8.0.1.19 could allow a remote authenticated malicious user to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.
Ibm Security Directory Suite Va
7.2
CVSSv3
CVE-2022-33166
IBM Security Directory Suite VA 8.0.1 up to and including 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586.
Ibm Security Directory Suite Va
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started