Lucene search
HistoryFeb 07, 2024 - 5:15 p.m.
CVE-2023-32328
ibm
security
verify access
vulnerability
insecure protocols
attacker
network
server
ibm x-force
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
31.8%
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957.
Affected configurations
Node
ibmsecurity_verify_accessRange10.0.0.0–10.0.6.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | security_verify_access | * | cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-32328 IBM Security Verify Access information disclosure
2024-02-07 16:07:06
prion
prion
Code injection
2024-02-07 17:15:00
cnvd
cnvd
cve
cve
CVE-2023-32328
2024-02-07 17:15:08
ibm
ibm
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
31.8%
Related for NVD:CVE-2023-32328