Vulnerability in Ibm Security Verify Access
CVE-2022-36775
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks aga…
EPSS: 0.003 (52.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.
Affected products
- Ibm Security Verify Access — versions 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, 10.0.4.0
References
- www.ibm.com/support/pages/node/6953617 (vendor-advisory)
- exchange.xforce.ibmcloud.com/vulnerabilities/233576 (vdb-entry)
Frequently asked questions
- What is CVE-2022-36775?
- CVE-2022-36775 is a medium-severity vulnerability in Ibm Security Verify Access. CVSS score: 6.5/10. Published 2023-02-17.
- How severe is CVE-2022-36775?
- Medium severity. CVSS v3 base score is 6.5 out of 10.