CVE-2022-32751

IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. IBM X-Force ID: 228437.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/228437	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7145001	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*

History

01 Apr 2024, 15:28

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
First Time		Ibm security Verify Directory Ibm
Summary		(es) IBM Security Verify Directory 10.0.0 podría revelar información confidencial del servidor que podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 228437.
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/228437 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/228437 - VDB Entry, Vendor Advisory
References	~~() https://www.ibm.com/support/pages/node/7145001 -~~	() https://www.ibm.com/support/pages/node/7145001 - Vendor Advisory
CPE		cpe:2.3:a:ibm:security_verify_directory:10.0.0:::::::*

22 Mar 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-22 16:15

Updated : 2024-04-01 15:28

NVD link : CVE-2022-32751

Mitre link : CVE-2022-32751

CVE.ORG link : CVE-2022-32751

JSON object : View

Products Affected

ibm

security_verify_directory

CWE

NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2022-32751", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-03-22T16:15:07.747", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228437", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/7145001", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. IBM X-Force ID: 228437."}, {"lang": "es", "value": "IBM Security Verify Directory 10.0.0 podr\u00eda revelar informaci\u00f3n confidencial del servidor que podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 228437."}], "lastModified": "2024-04-01T15:28:05.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_verify_directory:10.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "213D3285-0B6B-49AD-81C2-7265F3349B09"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}