CVE-2022-43890

Published: Mar 4, 2024Modified: May 8, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240453.

Affected (1)

Products: Ibm: Security Verify Privilege On Premises

Ibm

1 product

Security Verify Privilege On Premises

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Verify Privilege On Premises	Up to 11.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/240453

Source: psirt@us.ibm.com

Vendor Advisory

https://www.ibm.com/support/pages/node/7108660

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/240453

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.ibm.com/support/pages/node/7108660

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.