Vulnerabilities > CVE-2024-49817

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

CWE-260

NVD

Published: 2024-12-17

Updated: 2024-12-17

Summary

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user.

Common Weakness Enumeration (CWE)

CWE-260 - Password in Configuration File

References

https://www.ibm.com/support/pages/node/7175067

Vulnerabilities > CVE-2024-49817 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-49817"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2024-49817