CNVD-2024-07612 — Vulnetix

CNVD-2024-07612 PUBLISHED CVSS 6.5 MEDIUM

IBM Security Verify Access（ISAM）是美国国际商业机器（IBM）公司的一款提高用户访问安全的服务。该服务通过使用基于风险的访问、单点登录、集成访问管理控制、身份联合以及移动多因子认证实现对Web、移动、IoT 和云技术等平台安全简单的访问 IBM Security Verify Access存在拒绝服务，攻击者可利用该漏洞受到DSC服务器上的拒绝服务攻击。

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
IBM	Security Verify Access Appliance	10.0.0.0
IBM	Security Verify Access Docker	10.0.0.0

Timeline

Jan 9, 2024 CVE Published
Feb 3, 2024 PoC Published
Feb 25, 2024 PoC Published

References

https://www.ibm.com/support/pages/node/7106586 vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/254776 vdb
http://seclists.org/fulldisclosure/2024/Nov/0 url

Open in Interactive Console →