What is the severity of CVE-2024-43187?

CVE-2024-43187 has been classified as a high severity vulnerability due to the potential exposure of sensitive data in cleartext.

How do I fix CVE-2024-43187?

To mitigate CVE-2024-43187, upgrade IBM Security Verify Access Appliance and Container to a version higher than 10.0.8 which ensures that sensitive data is transmitted securely.

What data is affected by CVE-2024-43187?

CVE-2024-43187 affects sensitive or security-critical data transmitted in cleartext by IBM Security Verify Access Appliance and Container.

Can CVE-2024-43187 be exploited remotely?

Yes, CVE-2024-43187 can be exploited remotely by unauthorized actors through sniffing communication channels.

Vulnerability/
CVE-2024-43187

medium

5.9

CWE

319

3/2/2025

4/2/2025

CVE-2024-43187: IBM Security Verify Access information disclosure

Q: Who does CVE-2024-43187 affect?

CVE-2024-43187 affects users of IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8.

First published: Mon Feb 03 2025(Updated: )

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security Verify Access Appliance and Container	<=10.0.0 - 10.0.8
IBM Security Verify Access Container	<=10.0.0 - 10.0.8

Never miss a vulnerability like this again

Reference Links

https://www.ibm.com/support/pages/node/7182386 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

IBM-7182386

Frequently Asked Questions

What is the severity of CVE-2024-43187?
CVE-2024-43187 has been classified as a high severity vulnerability due to the potential exposure of sensitive data in cleartext.
How do I fix CVE-2024-43187?
To mitigate CVE-2024-43187, upgrade IBM Security Verify Access Appliance and Container to a version higher than 10.0.8 which ensures that sensitive data is transmitted securely.
What data is affected by CVE-2024-43187?
CVE-2024-43187 affects sensitive or security-critical data transmitted in cleartext by IBM Security Verify Access Appliance and Container.
Who does CVE-2024-43187 affect?
CVE-2024-43187 affects users of IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8.
Can CVE-2024-43187 be exploited remotely?
Yes, CVE-2024-43187 can be exploited remotely by unauthorized actors through sniffing communication channels.

collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/title
agent/description
collector/nvd-api
source/NVD
agent/severity
agent/last-modified-date
agent/author
agent/source
agent/tags
agent/event
vendor/ibm
canonical/ibm security verify access appliance and container
version/ibm security verify access appliance and container/10.0.0 - 10.0.8
canonical/ibm security verify access container
version/ibm security verify access container/10.0.0 - 10.0.8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.