CVE-2022-32753

CWE-3263 documents3 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 97.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Verify Directory

Timeline

PublishedMar 22

Description

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/security_verify_directory10.0.0

▶NVDibm/security_verify_directory10.0.0

🔴Vulnerability Details

CVEList

IBM Security Verify Directory information disclosure↗2024-03-22

▶

GHSA

GHSA-g8qp-8hw4-2mf9: IBM Security Verify Directory 10↗2024-03-22

▶