PT-2024-12315 · Ibm · Ibm Security Verify Access Appliance+1
Published
2024-02-02
·
Updated
2024-02-07
·
CVE-2023-32329
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1
IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1
Description
The issue is due to improper file validation, which could allow a user to download files from an incorrect repository.
Recommendations
For IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1, update to a version that properly validates files to prevent incorrect repository downloads.
For IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1, update to a version that properly validates files to prevent incorrect repository downloads.
Fix
Insufficient Verification of Data Authenticity
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Security Verify Access Appliance
Ibm Security Verify Access Docker