CVE-2024-49806

CVSS 3.1 Score 9.4 of 10 (high)

Details

Published Nov 29, 2024
CWE ID 798

Summary

CVE-2024-49806 is a vulnerability affecting IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8. This issue involves hard-coded credentials, posing a significant security risk. These credentials, which may include passwords or cryptographic keys, are used by the appliance for its own authentication, communication, and data encryption processes. An attacker who gains unauthorized access to these credentials can potentially bypass security measures, causing unintended consequences such as unauthorized access to sensitive data or unauthorized system modifications. Updating the affected appliances to the latest version or implementing other mitigation strategies is strongly recommended to address this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share