CNVD-2024-06217 — Vulnetix

CNVD-2024-06217 PUBLISHED CVSS 8.399999618530273 HIGH

IBM Security Access Manager Appliance（ISAM Appliance）是美国国际商业机器（IBM）公司的一款基于网络设备的安全解决方案。该产品主要用于访问控制和基于Web的威胁防护，提供系统性能监控、日志分析和诊断等功能。 IBM Security Access Manager Appliance存在访问控制错误漏洞，该漏洞源于访问控制不当，本地攻击者可利用该漏洞获得root访问权限。

Risk Scores

CVSS 3.1

8.399999618530273

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
IBM	Security Verify Access Docker	10.0.0.0
IBM	Security Verify Access Appliance	10.0.0.0

Exploit Intelligence

CIRCL seen: CVE-2023-31003 (circl-sighting)
CIRCL seen: CVE-2023-31003 (circl-sighting)
http://seclists.org/fulldisclosure/2024/Nov/0 (circl)
https://www.ibm.com/support/pages/node/7106586 (circl)
https://exchange.xforce.ibmcloud.com/vulnerabilities/254658 (circl)

Timeline

Jan 9, 2024 CVE Published
Jan 11, 2024 PoC Published
Jan 30, 2024 PoC Published

References

Open in Interactive Console →