Information Disclosure Vulnerability in IBM Security Directory Integrator Products
CVE-2024-28766
2.4LOW
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 27 January 2025
Summary
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 possess a vulnerability that may allow attackers to obtain sensitive information related to directory contents. This exposure could facilitate further attacks on the system, compromising the integrity and confidentiality of the data. Organizations using these products should assess their systems for potential risks and apply security measures to protect against unauthorized access and data leakage.
Affected Version(s)
Security Directory Integrator 7.2.0
Security Verify Directory Integrator 10.0.0
References
CVSS V3.1
Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published