7.5
CVE-2024-40697
- EPSS 0.11%
- Veröffentlicht 13.08.2024 11:15:17
- Zuletzt bearbeitet 22.08.2024 13:27:20
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Common Licensing information disclosure
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Common Licensing Version9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.293 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.