CVE-2024-28787

Critical

IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain…

ibm·CWE-650·Published 2024-04-04

CVSS

10.0

EPSS

0.01

KEV

Exploits

cve.orgen

268 chars

IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-Force ID: 286584.

NVDen

268 chars

NVDes

290 chars

IBM Security Verify Access 10.0.0 a 10.0.7 e IBM Application Gateway 20.01 a 24.03 podrían permitir a un atacante remoto obtener información privada altamente confidencial o provocar una denegación de servicio mediante una solicitud HTTP especialmente manipulada. ID de IBM X-Force: 286584.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	10.0	3.9	5.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
3.1	Primary	cve.org	8.7	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H