Information Disclosure Vulnerability in IBM Security Directory Integrator Products
CVE-2024-28766

2.4LOW

Key Information:

Vendor
IBM
Vendor
CVE Published:
27 January 2025

Summary

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 possess a vulnerability that may allow attackers to obtain sensitive information related to directory contents. This exposure could facilitate further attacks on the system, compromising the integrity and confidentiality of the data. Organizations using these products should assess their systems for potential risks and apply security measures to protect against unauthorized access and data leakage.

Affected Version(s)

Security Directory Integrator 7.2.0

Security Verify Directory Integrator 10.0.0

References

CVSS V3.1

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.