CVE-2022-22470

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 95.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Verify Governance
Timeline
PublishedJan 9

Description

IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.5 | Impact: 3.6

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-4mwx-89hh-m9vr: IBM Security Verify Governance 102023-01-09
CVEList
IBM Security Verify Governance information disclosure2023-01-06