Severity
4.9MEDIUM
EPSS
0.0%
top 91.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 29
Description
IBM Security Verify Governance 10.0.2 Identity Manager
uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.7 | Impact: 3.6