CVE-2024-41741

Published Nov 1, 2024

Last updated 3 days ago

CVSS medium 5.3

Overview

Description: IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.
Source: psirt@us.ibm.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-203
psirt@us.ibm.com: CWE-208

Hype score: Not currently trending

🚨 Beware of Timing Attacks: #CVE-2024-41741 Vulnerability in #IBM TXSeries for Multiplatforms https://t.co/enWEh1sG8O
@UndercodeNews
15 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-41741 Timing Discrepancy in IBM TXSeries Reveals Valid Usernames IBM TXSeries for Multiplatforms 10.1 has a flaw that lets an attacker find valid usernames. This happens because there is a noticeable del... https://t.co/yp7xGf1dH7
@VulmonFeeds
2 Nov 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-41741 IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attac… https://t.co/MJTcjdg78v
@CVEnew
1 Nov 2024
273 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E87CAC4-6CC5-4C17-B49C-88BAA7F1F806"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2024-41741
https://www.ibm.com/support/pages/node/7174572

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References