Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45647

IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.

Published

2025-01-20T15:15:07.507

Last Modified

2025-01-29T21:11:50.207

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-620
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	security_verify_access	≤ 10.0.8	Yes
Application	ibm	security_verify_access_docker	≤ 10.0.8	Yes

References

https://www.ibm.com/support/pages/node/7176212 Vendor Advisory ([email protected])