Sensitive Information Exposure in IBM Jazz Foundation Products
CVE-2024-41780

4.2MEDIUM

Key Information:

Vendor: IBM
Vendor: CVE Published:; 3 January 2025

Summary

IBM Jazz Foundation versions 7.0.2, 7.0.3, and 7.1.0 are vulnerable to a security issue that allows a physical user to obtain sensitive information. This vulnerability arises from the failure to mask passwords during entry, potentially exposing confidential data to unauthorized individuals. The lack of effective password masking can lead to information leakage in various environments, raising concerns about data privacy and security.

References

https://www.ibm.com/support/pages/node/7180119

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 3, 2025

Collectors

NVD Database