CVE-2024-47120

CWE-2503 documents3 sources

Severity

6.8MEDIUM

EPSS

0.0%

top 97.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Verify Information Queue

Timeline

PublishedSep 10

Description

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.5 | Impact: 5.9

Affected Packages2 packages

▶NVDibm/security_verify_information_queue10.0.5 — 10.0.11

▶CVEListV5ibm/security_verify_information_queue4 versions+3

🔴Vulnerability Details

CVEList

IBM Security Verify Information Queue code execution↗2025-09-10

▶

GHSA

GHSA-w793-v64w-r643: IBM Security Verify Information Queue 10↗2025-09-10

▶