Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45657 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | N/A | 5.0 MEDIUM |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment. | |||||
| CVE-2024-43187 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | N/A | 5.9 MEDIUM |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. | |||||
| CVE-2024-40700 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | N/A | 6.1 MEDIUM |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-45659 | 1 Ibm | 2 Security Verify Access, Verify Identity Access | 2025-08-05 | N/A | 5.3 MEDIUM |
| IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. | |||||