CVE-2022-22462 LOW

CVE-2022-22462: IBM Security Verify Governance, Identity Manager virtual appliance component information disclosure

Vendor Ibm
Product Security Verify Governance
Weakness CWE-327 · Broken crypto
Published January 25, 2023
Last update March 31, 2025

CVSS base score

3.7/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

Key dates

02Disclosure timeline

January 25, 2023 CVE published
March 31, 2025 Record updated