Rewterz Threat Advisory – CVE-2022-22311 – IBM Security Verify Access Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-22311

IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.

Impact

• Unauthorized Access

Indicator Of Compromise

CVE

• CVE-2022-22311

Affected Vendors

IBM

Affected Products

• IBM Security Verify Access 10.0.0
• IBM Security Verify Access 10.0.1
• IBM Security Verify Access 10.0.2
• IBM Security Verify Access 10.0.3

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

IBM Security Advisory