First published: Tue May 30 2023(Updated: )
IBM Security Directory Server uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Directory Suite VA | <=8.0.1-8.0.1.19 | |
IBM Security Directory Suite VA | >=8.0.1<=8.0.1.19 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-32757.
The title of the vulnerability is IBM Security Directory Server uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
The severity of CVE-2022-32757 is high with a CVSS score of 7.5.
CVE-2022-32757 affects IBM Security Directory Suite VA 8.0.1 through 8.0.1.19.
A remote attacker can exploit CVE-2022-32757 by brute forcing account credentials.