CVE-2024-28766

CWE-5483 documents3 sources

Severity

7.5HIGH

EPSS

0.1%

top 73.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Directory Integrator IBM Security Verify Directory Integrator

Timeline

PublishedJan 27

Description

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5ibm/security_verify_directory_integrator10.0.0

▶NVDibm/security_verify_directory_integrator10.0.0

▶CVEListV5ibm/security_directory_integrator7.2.0

▶NVDibm/security_directory_integrator7.2.0

🔴Vulnerability Details

GHSA

GHSA-jhj5-wgm2-6mqf: IBM Security Directory Integrator 7↗2025-01-27

▶

CVEList

IBM Security Directory Integrator information disclosure↗2025-01-27

▶