Denial of Service Vulnerability in IBM Security Verify Directory
CVE-2024-45650

7.5HIGH

Key Information:

Vendor: IBM
Status: Security Verify Directory
Vendor: CVE Published:; 31 January 2025

What is CVE-2024-45650?

IBM Security Verify Directory versions 10.0 through 10.0.3 are susceptible to a denial of service vulnerability triggered by LDAP extended operations. This issue can be exploited by sending malicious requests, potentially causing service interruptions and impacting overall system availability. Organizations using this product should assess their exposure to this vulnerability and implement appropriate security measures.

Affected Version(s)

Security Verify Directory 10.0.0 <= 10.0.3

References

https://www.ibm.com/support/pages/node/7182169

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 31, 2025
Vulnerability Reserved
Sep 3, 2024