Ibm Security Verify Information Queue — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Verify Information Queue, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2022-35285 — CVSS 8.8 (high): IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious…
CVE-2022-35286 — CVSS 8.8 (high): IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious…
CVE-2021-20403 — CVSS 8.8 (high): IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute…
CVE-2021-20411 — CVSS 8.1 (high): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly…
CVE-2021-20412 — CVSS 7.5 (high): IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it…
CVE-2021-20405 — CVSS 7.5 (high): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of…
CVE-2022-35287 — CVSS 7.5 (high): IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for…
CVE-2022-35284 — CVSS 7.5 (high): IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a…
CVE-2022-35283 — CVSS 6.5 (medium): IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP…
CVE-2024-45669 — CVSS 6.5 (medium): IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a remote user to cause a denial of service due to…
CVE-2022-35288 — CVSS 6.5 (medium): IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks…
CVE-2024-47120 — CVSS 6.4 (medium): IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and…
CVE-2021-20409 — CVSS 5.9 (medium): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure…
CVE-2024-45671 — CVSS 5.9 (medium): IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could…
CVE-2021-20408 — CVSS 5.5 (medium): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage…
CVE-2021-20404 — CVSS 5.3 (medium): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid…
CVE-2021-20407 — CVSS 5.3 (medium): IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks…
CVE-2021-20410 — CVSS 5.3 (medium): IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user…
CVE-2023-33834 — CVSS 4.3 (medium): IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in…
CVE-2023-33835 — CVSS 4.3 (medium): IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in…
CVE-2023-33833 — CVSS 2.9 (low): IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user…
CVE-2021-20402 — CVSS 2.7 (low): IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed…
CVE-2021-20406 — CVSS 2.2 (low): IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to…