First published: Tue Jul 12 2022(Updated: )
IBM Security Verify Identity Manager 10.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 224918.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Verify Governance | =10.0 | |
Linux Linux kernel | ||
<=10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-22452 is a vulnerability in IBM Security Verify Identity Manager 10.0 that allows a remote attacker to brute force account credentials.
The severity of CVE-2022-22452 is high, with a severity value of 7.5.
IBM Security Verify Governance, Identity Manager virtual appliance component version 10.0 is affected by CVE-2022-22452.
CVE-2022-22452 can be exploited by a remote attacker who can perform brute force attacks to guess account credentials.
Please refer to the IBM Security Verify Identity Manager documentation or contact IBM Support for information on how to mitigate CVE-2022-22452.