CVE-2024-43187

Name of the Vulnerable Software and Affected Versions IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8

Description The issue involves the transmission of sensitive or security-critical data in cleartext in a communication channel that can be detected by unauthorized actors. This allows potential eavesdropping, compromising the confidentiality and security of the data.

Recommendations For versions 10.0.0 through 10.0.8, consider implementing encryption for sensitive data transmission to prevent unauthorized access. As a temporary workaround, restrict access to the communication channel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.