IBM Security Verify Access Appliance Denial of Service Vulnerability
CVE-2024-31874

5.5MEDIUM

Key Information:

Vendor: IBM
Status: Security Verify Access Appliance
Vendor: CVE Published:; 10 April 2024

Summary

The IBM Security Verify Access Appliance versions 10.0.0 through 10.0.7 contain a vulnerability that arises from the usage of uninitialized variables during deployment. This flaw may enable local users to execute operations that result in a denial of service, affecting the availability of the affected system. Organizations are advised to review their deployments to mitigate potential abuse of this vulnerability, ensuring that appropriate security measures and updates are applied.

Affected Version(s)

Security Verify Access Appliance 10.0.0 <= 10.0.7

References

https://www.ibm.com/support/pages/node/7147932

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/287318

vdb-entry

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Apr 7, 2024