Unauthorized Actions in IBM Security ReaQta Due to Untrusted Inputs
CVE-2024-45654

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Security Reaqta
Vendor: CVE Published:; 19 January 2025

What is CVE-2024-45654?

A security vulnerability in IBM Security ReaQta 3.12 allows authenticated users to execute unauthorized actions due to improper validation of untrusted inputs. This flaw can potentially lead to significant security risks if exploited, as it undermines the intended restrictions and integrity of the system, exposing sensitive data and critical functionality to potential misuse.

Affected Version(s)

Security ReaQta 3.12

References

https://www.ibm.com/support/pages/node/7175072

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 19, 2025
Vulnerability Reserved
Sep 3, 2024