CVE-2024-45647 — MEDIUM (5.6)

Q: How severe is CVE-2024-45647?

CVE-2024-45647 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-45647?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Verify Access, Ibm Security Verify Access Docker.

Vulnerability Description

IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.

CVSS Score

5.6

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Ibm	Security Verify Access	>= 10.0.0, <= 10.0.8
Ibm	Security Verify Access Docker	>= 10.0.0, <= 10.0.8

Related Weaknesses (CWE)

CWE-620

References

https://www.ibm.com/support/pages/node/7176212Vendor Advisory

FAQ

What is CVE-2024-45647?

CVE-2024-45647 is a vulnerability with a CVSS score of 5.6 (MEDIUM). IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prio...

How severe is CVE-2024-45647?

CVE-2024-45647 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-45647?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Verify Access, Ibm Security Verify Access Docker.