- Description
- IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@us.ibm.com
- CWE-620
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
CVE-2024-45647 01/20/2025 03:15:07 PM BaseSeverity: MEDIUM IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of... https://t.co/3safUwlVpa
@CVETracker
20 Jan 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45647 Unverified Password Reset Flaw in IBM Security Verify Access 10.0.8 https://t.co/fso7khSpVB
@VulmonFeeds
20 Jan 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45647 IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the passwo… https://t.co/7FwjMqOKhg
@CVEnew
20 Jan 2025
500 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64518F40-55CF-4DC8-A15E-AAACCC38BAD1",
"versionEndIncluding": "10.0.8",
"versionStartIncluding": "10.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CE089A7-24AA-4AC4-A630-D787E4BD4F0D",
"versionEndIncluding": "10.0.8",
"versionStartIncluding": "10.0.0"
}
],
"operator": "OR"
}
]
}
]