CVE-2022-33167

IBM Security Directory Integrator information disclosure

Description

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 228587.

INFO

Published Date :

2024-07-30T17:05:35.007Z

Last Modified :

2024-08-03T08:01:20.017Z

Source :

ibm

AFFECTED PRODUCTS

The following products are affected by CVE-2022-33167 vulnerability.

Vendors	Products
Ibm	Security Directory Integrator Security Verify Directory Integrator

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-33167.

URL	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/228587
https://www.ibm.com/support/pages/node/7161469

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact