First published: Thu Jan 05 2023(Updated: )
IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Verify Governance | =10.0 | |
IBM Security Verify Governance | <=10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-22470 is medium with a severity value of 5.5.
A local user can read user credentials in IBM Security Verify Governance as they are stored in plain clear text.
The IBM X-Force ID for CVE-2022-22470 is 225232.
If you are using IBM Security Verify Governance version 10.0, your system is affected by CVE-2022-22470.
Please refer to the IBM Security Verify Governance support page for information on available fixes for CVE-2022-22470.