CVE-2024-22330

Published: Jun 6, 2025Modified: Jul 14, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

Affected (1)

Products: Ibm: Security Verify Governance

Ibm

1 product

Security Verify Governance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Verify Governance	Version 10.0.2

Related CWEs

CWE-521

Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

References (1)

https://www.ibm.com/support/pages/node/7235779

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.