CVE-2024-45671

CWE-327 — Broken Cryptographic Algorithm3 documents3 sources

Severity

7.5HIGH

EPSS

0.0%

top 96.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Verify Information Queue

Timeline

PublishedSep 10

Description

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/security_verify_information_queue10.0.5 — 10.0.11

▶CVEListV5ibm/security_verify_information_queue4 versions+3

🔴Vulnerability Details

CVEList

IBM Security Verify Information Queue information disclosure↗2025-09-10

▶

GHSA

GHSA-r74c-43rg-h54f: IBM Security Verify Information Queue 10↗2025-09-10

▶