CVE-2024-45674

IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 

stores potentially sensitive information in log files that could be read by a local user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
ibmsecurity_verify_bridge_directory_sync
1.0.1 ≤
𝑥
≤ 1.0.12
ibmsecurity_verify_gateway_for_radius
1.0.1 ≤
𝑥
≤ 1.0.11
ibmsecurity_verify_gateway_for_windows_login
1.0.1 ≤
𝑥
≤ 1.0.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7183801