Search
Search Results (7 CVEs found)
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-36087 | 1 Ibm | 3 Security Verify Access, Security Verify Access Docker, Verify Identity Access | 2025-10-20 | 8.1 High |
IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10.0.0 through 10.0.9, and 11.0.0, under certain configurations, contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | ||||
CVE-2024-56343 | 1 Ibm | 2 Security Verify Access, Verify Identity Access Digital Credentials | 2025-08-24 | 4.3 Medium |
IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request. | ||||
CVE-2024-56342 | 1 Ibm | 2 Security Verify Access, Verify Identity Access Digital Credentials | 2025-08-24 | 4.3 Medium |
IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
CVE-2024-45657 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | 5 Medium |
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment. | ||||
CVE-2024-43187 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | 5.9 Medium |
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. | ||||
CVE-2024-40700 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | 6.1 Medium |
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
CVE-2024-45659 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | 5.3 Medium |
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. |
Page 1 of 1.