PT-2024-33691 · Ibm · Ibm Security Verify Access Appliance

Antonin B +2 · Published 2024-11-29 · Updated 2024-12-03 · CVE-2024-49806

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8
Description: The issue concerns hard-coded credentials, such as a password or cryptographic key, used by the appliance for its own inbound authentication, outbound communication to external components, or encryption of internal data. This poses serious cybersecurity risks.
Recommendations: For versions 10.0.0 through 10.0.8, consider disabling the use of hard-coded credentials as a temporary workaround until a patch is available. Restrict access to the appliance to minimize the risk of exploitation. Avoid using the affected appliance for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Using Hardcoded Credentials

Related Identifiers: CVE-2024-49806

Affected Products: Ibm Security Verify Access Appliance