IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.
2022-03-31T18:15:09.437
2024-11-21T06:46:37.083
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:P/A:N
8.6
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | security_verify_access | 10.0.0 | Yes |
| Application | ibm | security_verify_access | 10.0.1 | Yes |
| Application | ibm | security_verify_access | 10.0.2 | Yes |
| Application | ibm | security_verify_access | 10.0.3 | Yes |