CVE-2024-45674: IBM Security Verify Bridge information disclosure
First published: Thu Feb 20 2025(Updated: )
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM BM Security Verify Bridge Directory Sync | <=1.0.1 - 1.0.12 | |
| IBM Security Verify Gateway for Windows Login | <=1.0.1 - 1.0.10 | |
| IBM Security Verify Gateway for Radius | <=1.0.1 - 1.0.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/references
- agent/type
- agent/first-publish-date
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/title
- agent/author
- agent/source
- agent/softwarecombine
- agent/description
- agent/tags
- agent/event
- vendor/ibm
- canonical/ibm bm security verify bridge directory sync
- version/ibm bm security verify bridge directory sync/1.0.1 - 1.0.12
- canonical/ibm security verify gateway for windows login
- version/ibm security verify gateway for windows login/1.0.1 - 1.0.10
- canonical/ibm security verify gateway for radius
- version/ibm security verify gateway for radius/1.0.1 - 1.0.11