CVE-2023-32328 HIGH

CVE-2023-32328: IBM Security Verify Access information disclosure

Vendor Ibm
Product Security Verify Access Appliance
Weakness CWE-319 · Cleartext transmission
Published February 7, 2024
Last update November 3, 2025

CVSS base score

7.5/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957.

Key dates

02Disclosure timeline

February 7, 2024 CVE published
November 3, 2025 Record updated