CVE-2022-22466

Name of the Vulnerable Software and Affected Versions IBM Security Verify Governance version 10.0

Description The issue is related to the use of hard-coded credentials, such as a password or cryptographic key, in IBM Security Verify Governance. This could allow a remote attacker to disclose protected information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For IBM Security Verify Governance version 10.0, consider removing or updating the hard-coded credentials to prevent exploitation. As a temporary workaround, restrict access to sensitive components that use these credentials until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.