CVE-2024-49803

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8

Description: The issue is related to the failure to neutralize special elements, which could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. This could potentially lead to the execution of arbitrary code.

Recommendations: For IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8, consider disabling the functionality that allows remote authenticated attackers to send specially crafted requests until a patch is available. Restrict access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.