CVE-2023-35888

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Mar 20, 2024
CWE ID 311

Summary

CVE-2023-35888 is a vulnerability affecting IBM Security Verify Governance version 10.0.2. This issue allows a remote attacker to obtain sensitive information through man-in-the-middle techniques. The vulnerability arises due to the failure to properly enable HTTP Strict Transport Security. IBM X-Force has assigned ID 258375 to this security concern. IBM users are advised to promptly apply the necessary security patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share