IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 08 Aug 2025 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Ibm
Ibm security Verify Access
CPEs cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm security Verify Access

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00037}

epss

{'score': 0.00047}


Tue, 04 Feb 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 04 Feb 2025 20:45:00 +0000

Type Values Removed Values Added
Description IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
Title IBM Security Verify Access information disclosure
Weaknesses CWE-209
References
Metrics cvssV3_1

{'score': 2.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-02-22T20:58:47.025Z

Reserved: 2024-09-03T13:50:34.380Z

Link: CVE-2024-45658

cve-icon Vulnrichment

Updated: 2025-02-04T21:07:29.733Z

cve-icon NVD

Status : Analyzed

Published: 2025-02-04T21:15:26.833

Modified: 2025-08-08T17:12:36.017

Link: CVE-2024-45658

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.