CVE-2022-22311

Summary

IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.

Affected Software

VendorProductVersion RangeStatus
IBMSecurity Verify Access10.0.0affected
IBMSecurity Verify Access10.0.1affected
IBMSecurity Verify Access10.0.2affected
IBMSecurity Verify Access10.0.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References