IBMF79B8536A2496D0EC313A2756E49BEE3B3ACF5C5955E9FF172A9AC072EACE0CBSecurity Bulletin: Security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
42.1%
Summary
IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability.
Vulnerability Details
CVEID:CVE-2022-22461
**DESCRIPTION:**IBM Security Verify Governance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225077 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Verify Governance, Identity Manager virtual appliance component | 10.0.1 |
Remediation/Fixes
| Affected Product(s) | Version(s) | Fix Availability |
|---|---|---|
| IBM Security Verify Governance, Identity Manager virtual appliance component | 10.0.1.0 |
Workarounds and Mitigations
None
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security identity manager | eq | 10.0.1.0 | |
| ibm security identity manager | eq | 3 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
42.1%