CVE-2022-43889

Published: Oct 17, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452.

Affected (1)

Products: Ibm: Security Verify Privilege On Premises

Ibm

1 product

Security Verify Privilege On Premises

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Security Verify Privilege On Premises	Before 11.5

Running on/with	Platform Versions
Apple Macos	All versions
Microsoft Windows	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/240452

Source: psirt@us.ibm.com

VDB Entry

https://www.ibm.com/support/pages/node/7047202

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/240452

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://www.ibm.com/support/pages/node/7047202

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.