Ibm Security_verify_information_queue
23 CVEs affecting Ibm Security_verify_information_queue. Latest disclosed: 2025-09-10. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-35286 | High | 8.8 | 2022-07-26 | IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized ac… |
CVE-2022-35285 | High | 8.8 | 2022-07-25 | IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized ac… |
CVE-2021-20403 | High | 8.8 | 2021-02-11 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth… |
CVE-2021-20411 | High | 8.1 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session iden… |
CVE-2022-35287 | High | 7.5 | 2022-07-25 | IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authen… |
CVE-2022-35284 | High | 7.5 | 2022-07-25 | IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X… |
CVE-2021-20412 | High | 7.5 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbou… |
CVE-2021-20405 | High | 7.5 | 2021-02-11 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID… |
CVE-2024-45669 | Medium | 6.5 | 2025-09-10 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a remote user to cause a denial of service due to improper handling of spe… |
CVE-2022-35288 | Medium | 6.5 | 2022-07-25 | IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X… |
CVE-2022-35283 | Medium | 6.5 | 2022-07-14 | IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request. |
CVE-2024-47120 | Medium | 6.4 | 2025-09-10 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the h… |
CVE-2024-45671 | Medium | 5.9 | 2025-09-10 | IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to d… |
CVE-2021-20409 | Medium | 5.9 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable H… |
CVE-2021-20408 | Medium | 5.5 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext crypto… |
CVE-2021-20410 | Medium | 5.3 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the mi… |
CVE-2021-20407 | Medium | 5.3 | 2021-02-12 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system… |
CVE-2021-20404 | Medium | 5.3 | 2021-02-11 | IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user on the network to cause a denial of service due to an invalid cookie value that could… |
CVE-2023-33835 | Medium | 4.3 | 2023-08-31 | IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against… |
CVE-2023-33834 | Medium | 4.3 | 2023-08-31 | IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against… |