Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-33838

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

Published

2025-01-29T02:15:26.640

Last Modified

2025-03-04T22:13:09.120

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

Weaknesses

Type: Primary
CWE-759
Type: Secondary
CWE-916

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	security_verify_governance	10.0.2	Yes

References

https://www.ibm.com/support/pages/node/7172200 Vendor Advisory ([email protected])