Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-33167 | 1 Ibm | 2 Security Directory Integrator, Security Verify Directory Integrator | 2024-11-21 | N/A | 3.7 LOW |
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 228587. | |||||
CVE-2022-33162 | 1 Ibm | 2 Security Directory Integrator, Security Verify Directory Integrator | 2024-09-07 | N/A | 9.8 CRITICAL |
IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. IBM X-Force ID: 228570. |