CVE-2024-45655

CWE-732 — Incorrect Permission Assignment3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 87.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Application Gateway

Timeline

PublishedJun 3

Description

IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/application_gateway19.12 — 24.09

▶NVDibm/application_gateway19.12 — 24.09

🔴Vulnerability Details

GHSA

GHSA-cr8c-wj8h-x5p3: IBM Application Gateway 19↗2025-06-03

▶

CVEList

IBM Application Gateway incorrect permission assignment↗2025-06-03

▶