CVE-2024-45674

LOW

IBM Security Verify Bridge Directory Sync 1.0.1-1.0.12 - Sensitive Information Disclosure in Log Files

Title source: llm
STIX 2.1

Description

IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7183801

Scores

CVSS v3 3.3
EPSS 0.0014
EPSS Percentile 3.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-532
Status published
Products (3)
ibm/security_verify_bridge_directory_sync 1.0.1 - 1.0.12
ibm/security_verify_gateway_for_radius 1.0.1 - 1.0.11
ibm/security_verify_gateway_for_windows_login 1.0.1 - 1.0.10
Published Feb 22, 2025
Tracked Since Feb 18, 2026