threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm security verify governance
Product
ibm security verify governance
28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-36003
all versions
IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed
7.5
HIGH
CVE-2024-22330
all versions
IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier f
5.9
MEDIUM
CVE-2023-33844
all versions
IBM Security Verify Governance 10.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary Ja
5.4
MEDIUM
CVE-2023-33838
all versions
IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be rev
4.4
MEDIUM
CVE-2023-35017
all versions
IBM Security Verify Governance 10.0.2 Identity Manager can transmit user credentials in clear text that could be obtained by an at
5.9
MEDIUM
CVE-2023-35888
all versions
IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to prop
5.9
MEDIUM
CVE-2023-33840
all versions
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary Java
4.8
MEDIUM
CVE-2023-33839
all versions
IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sen
7.2
HIGH
CVE-2023-33837
all versions
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Forc
4.1
MEDIUM
CVE-2022-22466
>= 10.0 and < 10.0.2
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for it
6.8
MEDIUM
CVE-2023-33836
>= 10.0 and < 10.0.2
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for it
5.3
MEDIUM
CVE-2023-35018
>= 10.0 and < 10.0.2
IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X
3.3
LOW
CVE-2023-35013
>= 10.0 and < 10.0.2
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from sou
2.3
LOW
CVE-2023-35019
all versions
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on
7.2
HIGH
CVE-2023-35016
all versions
IBM Security Verify Governance, Identity Manager 10.0 could allow a remote attacker to traverse directories on the system. An atta
6.5
MEDIUM
CVE-2022-22462
all versions
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algori
3.7
LOW
CVE-2022-22470
all versions
IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID:
4.1
MEDIUM
CVE-2022-22449
all versions
IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detail
5.3
MEDIUM
CVE-2022-22458
all versions
IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote
6.3
MEDIUM
CVE-2022-22457
all versions
IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear tex
5.3
MEDIUM
CVE-2022-22456
all versions
IBM Security Verify Governance, Identity Manager 10.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to
4.2
MEDIUM
CVE-2022-35646
all versions
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel a
5.9
MEDIUM
CVE-2022-22461
all versions
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an att
5.9
MEDIUM
CVE-2022-22455
all versions
IBM Security Verify Governance Identity Manager 10.0 virtual appliance component performs an operation at a privilege level that i
9.8
CRITICAL
CVE-2022-22460
all versions
IBM Security Verify Identity Manager 10.0 contains sensitive information in the source code repository that could be used in furth
7.5
HIGH
CVE-2022-22453
all versions
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decry
7.5
HIGH
CVE-2022-22452
all versions
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute f
7.5
HIGH
CVE-2022-22450
all versions
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security
3.8
LOW
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin