Lucene search

[email protected]CVE-2024-31883

HistoryJun 27, 2024 - 4:15 p.m.

CVE-2024-31883

2024-06-2716:15:11

CWE-703

[email protected]

web.nvd.nist.gov

ibm

security

verify access

denial of service

resource consumption

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

IBM Security Verify Access 10.0.0.0 through 10.0.7.1, under certain configurations, could allow an unauthenticated attacker to cause a denial of service due to asymmetric resource consumption. IBM X-Force ID: 287615.

Affected configurations

Vulners

Node

ibmsecurity_verify_accessRange10.0.0.0–10.0.7.1

CNA Affected

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:security_verify_access:10.0.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access:10.0.7.1:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Security Verify Access",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.7.1",
        "status": "affected",
        "version": "10.0.0.0",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/287615

www.ibm.com/support/pages/node/7158789

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-31883

nvd1 vulnrichment1 cvelist1 ibm1