CVE-2024-47120

Summary

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges.

Affected Software

VendorProductVersion RangeStatus
IBMSecurity Verify Information Queue10.0.5affected
IBMSecurity Verify Information Queue10.0.6affected
IBMSecurity Verify Information Queue10.0.7affected
IBMSecurity Verify Information Queue10.0.8affected

Weaknesses

  • CWE-250: CWE-250 Execution with Unnecessary Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References