Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm security verify access 10.0.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-39070
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service enabled could allow an malicious user to authenticate as any user on the system. IBM X-Force ID: 215353.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access Docker 10.0.0
Ibm Security Verify Access Docker 10.0.1.0
Ibm Security Verify Access Docker 10.0.2.0
5.8
CVSSv2
CVE-2022-22311
IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1
Ibm Security Verify Access 10.0.2
Ibm Security Verify Access 10.0.3
5
CVSSv2
CVE-2021-38956
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive version information in HTTP response headers that could aid in further attacks against the system. IBM X-Force ID: 212038
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
5
CVSSv2
CVE-2021-38957
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
4
CVSSv2
CVE-2021-38894
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 209515.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
3.5
CVSSv2
CVE-2021-38895
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
5
CVSSv2
CVE-2021-38921
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 210067.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
NA
CVE-2023-25927
IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an malicious user to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635.
Ibm Security Verify Access 10.0.0
Ibm Security Verify Access 10.0.1
Ibm Security Verify Access 10.0.2
Ibm Security Verify Access 10.0.3
Ibm Security Verify Access 10.0.4
Ibm Security Verify Access 10.0.5
5
CVSSv2
CVE-2021-20439
IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.
Ibm Security Access Manager 9.0
Ibm Security Verify Access 10.0.0
2.9
CVSSv2
CVE-2020-4660
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an malicious user to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186140.
Ibm Security Access Manager 9.0.7.0
Ibm Security Verify Access 10.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »