Information Disclosure Vulnerability in IBM Security Verify Products
CVE-2024-45674

3.3LOW

Key Information:

Vendor: IBM
Status: Security Verify Bridge Directory Sync
Vendor: CVE Published:; 22 February 2025

What is CVE-2024-45674?

The vulnerability in IBM Security Verify products arises from the improper handling of log files, where potentially sensitive information is stored. This exposure allows local users to access and read sensitive data, which may include user credentials or personal identifiable information, posing a security risk for organizations reliant on these systems. It is essential to implement mitigations and monitor access to logs to protect sensitive information from unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Security Verify Bridge Directory Sync 1.0.1 <= 1.0.12

References

https://www.ibm.com/support/pages/node/7183801

vendor-advisorypatch

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 22, 2025

JSON

IBM