CNVD-2024-11743 — Vulnetix

CNVD-2024-11743 PUBLISHED CVSS 7.5 HIGH

IBM Security Verify Access是美国国际商业机器（IBM）公司的一款提高用户访问安全的服务。 IBM Security Verify Access存在信任管理问题漏洞，远程攻击者可利用该漏洞提交特殊的请求，可未授权控制系统。

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
IBM	Security Verify Access Appliance	10.0.0.0
IBM	Security Verify Access Docker	10.0.0.0

Exploit Intelligence

CIRCL seen: CVE-2023-32330 (circl-sighting)
CIRCL seen: CVE-2023-32330 (circl-sighting)
http://seclists.org/fulldisclosure/2024/Nov/0 (circl)
https://www.ibm.com/support/pages/node/7106586 (circl)
https://exchange.xforce.ibmcloud.com/vulnerabilities/254977 (circl)
index.html (github-poc)
index.html (github-poc)

Timeline

Jan 9, 2024 CVE Published
Feb 7, 2024 PoC Published
Mar 1, 2024 PoC Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›