Skip to main content

Security Verify Bridge

7 CVEs product

Monthly

CVE-2024-45672 MEDIUM This Month

IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

IBM Denial Of Service Security Verify Bridge
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2021-38864 HIGH PATCH This Week

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Verify Bridge
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-38863 MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

IBM Information Disclosure Security Verify Bridge
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-20435 MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Security Verify Bridge
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-20434 MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

IBM Information Disclosure Security Verify Bridge
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-20442 HIGH PATCH This Week

IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

IBM Authentication Bypass Security Verify Bridge
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-20441 MEDIUM PATCH This Month

IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Security Verify Bridge
NVD
CVSS 3.1
5.9
EPSS
0.7%
EPSS 0% CVSS 6.0
MEDIUM This Month

IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

IBM Denial Of Service Security Verify Bridge
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Verify Bridge
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

IBM Information Disclosure Security Verify Bridge
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Security Verify Bridge
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

IBM Information Disclosure Security Verify Bridge
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

IBM Authentication Bypass Security Verify Bridge
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Security Verify Bridge
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy