CVE-2024-36626

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 29, 2024
CWE ID 476

Summary

CVE-2024-49804 is a vulnerability affecting IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8. This issue grants locally authenticated non-administrative users unnecessarily elevated permissions, enabling them to escalate their privileges and potentially gain administrator access. The specific tasks exploiting these permissions have not been disclosed, but the vulnerability poses a significant risk to the security of the affected systems. IBM urges users to apply the available patches to mitigate this issue and prevent potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share