CVE-2024-40700
- EPSS 0.15%
- Published 04.02.2025 21:15:26
- Last modified 05.08.2025 13:54:50
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended function...
CVE-2024-43187
- EPSS 0.03%
- Published 04.02.2025 21:15:26
- Last modified 05.08.2025 14:07:24
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CVE-2024-45657
- EPSS 0.01%
- Published 04.02.2025 21:15:26
- Last modified 05.08.2025 14:10:01
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.
CVE-2024-45659
- EPSS 0.06%
- Published 04.02.2025 18:15:34
- Last modified 05.08.2025 13:51:02
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the ...