Unauthenticated Access to Sensitive Information via SOAP API
CVE-2024-31887

Currently unrated

Key Information:

Vendor: IBM
Status: Security Verify Privilege On-premises
Vendor: CVE Published:; 16 April 2024

What is CVE-2024-31887?

A vulnerability in IBM Security Verify Privilege 11.6.25 allows unauthenticated users to exploit the SOAP API and gain access to sensitive information. This issue poses a significant risk as it could lead to unauthorized data exposure, which might affect the integrity and confidentiality of user information. Organizations using this version are encouraged to review the associated security implications and implement necessary mitigations to protect their data and maintain compliance.

References

https://www.ibm.com/support/pages/node/7148438

https://exchange.xforce.ibmcloud.com/vulnerabilities/287651

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2024