Lucene search

[email protected]CVE-2024-35140

HistoryMay 31, 2024 - 5:15 p.m.

CVE-2024-35140

2024-05-3117:15:08

CWE-295

[email protected]

web.nvd.nist.gov

nvd vulnerability 2024

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.

Affected configurations

Vulners

Node

ibmsecurity_verify_access_dockerRange10.0.0–10.0.6

CNA Affected

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:security_verify_access_docker:10.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access_docker:10.0.6:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Security Verify Access Docker",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.0.6",
        "status": "affected",
        "version": "10.0.0",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/292416

www.ibm.com/support/pages/node/7155356

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-35140

vulnrichment1 cvelist1 nvd1 ibm1