CVE-2023-33838

Опубликовано: 29 янв. 2025

Источник: nvd

CVSS3: 4.4

CVSS3: 4.9

EPSS Низкий

Описание

IBM Security Verify Governance 10.0.2 Identity Manager

uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

Ссылки

https://www.ibm.com/support/pages/node/7172200
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:security_verify_governance:10.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00013

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-759

CWE-916

Связанные уязвимости

GHSA-2gv7-cc99-m2pr

CVSS3: 4.4

github

около 1 года назад

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

EPSS

Процентиль: 2%

0.00013

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-759

CWE-916