CVE-2024-35137

Summary

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413.

Affected Software

VendorProductVersion RangeStatus
IBMSecurity Verify Access Docker10.0.0.0 <= 10.0.7.1affected

Weaknesses

  • CWE-258: CWE-258 Empty Password in Configuration File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References