PT-2025-2724 · Ibm · Ibm Security Verify Access Appliance+1
Ben Goodspeed
+8
·
Published
2025-02-04
·
Updated
2025-08-08
·
CVE-2024-45658
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8
Description:
The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
Recommendations:
For versions 10.0.0 through 10.0.8, consider disabling the detailed technical error messages to minimize the risk of exploitation. Restrict access to error messages to prevent potential attackers from obtaining sensitive information.
Fix
Generation of Error Message Containing Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Security Verify Access Appliance
Ibm Security Verify Access Container