CVE-2024-41778

Summary

IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

Affected Software

VendorProductVersion RangeStatus
IBMController11.0.0 <= 11.0.1affected
IBMController11.1.0affected

Weaknesses

  • CWE-521: CWE-521 Weak Password Requirements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References