CVE-2024-45647

CVSS 3.1 Score 5.6 of 10 (medium)

Details

Published Jan 20, 2025

CWE ID 620

Summary

CVE-2024-45647 is a vulnerability affecting IBM Security Verify Access versions 10.0.0 to 10.0.8 and IBM Security Verify Access Docker 10.0.0 to 10.0.8. This issue permits an unverified user to alter the password of an expired account, bypassing the need for prior password knowledge. This security weakness could lead to unauthorized account access and potential data breaches. IBM strongly recommends users upgrade to the latest software versions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/yTwVIa
https://www.cve.org/CVERecord?id=CVE-2024-45647
https://nvd.nist.gov/vuln/detail/CVE-2024-45647

Back to Vulnerability Database

CVE-2024-45647

CVSS 3.1 Score 5.6 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations