Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Security Directory Suite Va

Total 7 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-33168	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	7.5 HIGH
IBM Security Directory Suite VA 8.0.1 could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 228588.
CVE-2022-33166	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	7.2 HIGH
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586.
CVE-2022-33163	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	5.3 MEDIUM
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571.
CVE-2022-33160	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	3.7 LOW
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568.
CVE-2022-33159	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	5.3 MEDIUM
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567.
CVE-2022-32757	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	7.5 HIGH
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 228510.
CVE-2022-32752	1 Ibm	1 Security Directory Suite Va	2024-11-21	N/A	7.2 HIGH
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.