CVE-2024-41778

CWE-5213 documents3 sources
Severity
6.5MEDIUM
EPSS
0.0%
top 85.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Controller
Timeline
PublishedMar 1

Description

IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/controller11.0.011.0.1+1
NVDibm/controller11.0.0, 11.0.1, 11.1.0+2

🔴Vulnerability Details

2
GHSA
GHSA-f86r-6rph-2h3c: IBM Controller 112025-03-01
CVEList
IBM Controller information disclosure2025-03-01
CVE-2024-41778 (MEDIUM CVSS 6.5) | IBM Controller 11.0.0 through 11.0. | cvebase.io