IBM Security Access Manager Docker vulnerability could expose sensitive information

CVE-2024-35139

6.2MEDIUM

Key Information

Vendor: IBM
Status: Security Verify Access Docker
Vendor: Published:; 28 June 2024

Summary

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415.

Affected Version(s)

Security Verify Access Docker <= 10.0.7.1

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

HIGH

Integrity:

NONE

Availability:

NONE

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

Vulnerability published.
Jun 28, 2024
Vulnerability Reserved.
May 9, 2024

Collectors

NVD DatabaseMitre Database