CVE-2024-36626
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Nov 29, 2024
CWE ID 476
Summary
CVE-2024-49804 is a vulnerability affecting IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8. This issue grants locally authenticated non-administrative users unnecessarily elevated permissions, enabling them to escalate their privileges and potentially gain administrator access. The specific tasks exploiting these permissions have not been disclosed, but the vulnerability poses a significant risk to the security of the affected systems. IBM urges users to apply the available patches to mitigate this issue and prevent potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- PrestaShop