CVE-2024-49351
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 26, 2024
CWE ID 256
Summary
CVE-2024-49351 is a vulnerability affecting IBM Workload Scheduler versions 9.5, 10.1, and 10.2. This issue arises from the application's storage of user credentials in plain text, which poses a significant security risk. A local user with access to the system can easily view and misuse these credentials for unauthorized access to sensitive data or system functions. This vulnerability underscores the importance of secure credential storage and the need for regular software updates to mitigate such risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- IBM Workload Scheduler
Affected Vendors
- IBM Corporation