CVE-2024-45647

IBM Security Verify Access unverified password change

CVSS 5.6 MEDIUMEPSS 0.3%CWE-620

IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Produtos afetados

IBM · Security Verify Access IBM · Security Verify Access Docker

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.ibm.com/support/pages/node/7176212