K000149845: pam_access vulnerability CVE-2024-10963

🗓️ 18 Feb 2025 17:28:37Reported by f5Type

f5🔗 my.f5.com👁 6 Views

Vulnerability found in pam_access allows unauthorized access by spoofing hostnames.

Reporter	Title	Published	Views	Family All 125
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2025.	12 Mar 202511:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	12 Nov 202519:08	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server Liberty container shipped with containerized IBM Security Guardium Key Lifecycle Manager 5.0 (GKLM) (CVE-2024-10963)	8 Apr 202509:41	–	ibm
IBM Security Bulletins	Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for April 2025.	5 May 202516:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data are addressed	4 Aug 202512:44	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	17 Apr 202513:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to PAM, go-git and Golang.org/X/Crypto	27 Feb 202503:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Base OS issues	2 Apr 202517:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	6 Aug 202516:10	–	ibm

18 Feb 2025 17:28Current

7High risk

Vulners AI Score7

CVSS 3.17.4

EPSS0.00567

SSVC

pam_access vulnerability unauthorized access security flaw configuration file trusted hostname