CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-35133

IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.9%

CVSS Severity

CVSS v3 Score 6.8

References

Products affected by CVE-2024-35133

Ibm » Security Verify Access » Version: 10.0.0

cpe:2.3:a:ibm:security_verify_access:10.0.0
Ibm » Security Verify Access » Version: 10.0.0.0

cpe:2.3:a:ibm:security_verify_access:10.0.0.0
Ibm » Security Verify Access » Version: 10.0.0.1

cpe:2.3:a:ibm:security_verify_access:10.0.0.1
Ibm » Security Verify Access » Version: 10.0.0.6

cpe:2.3:a:ibm:security_verify_access:10.0.0.6
Ibm » Security Verify Access » Version: 10.0.0.7

cpe:2.3:a:ibm:security_verify_access:10.0.0.7
Ibm » Security Verify Access » Version: 10.0.1

cpe:2.3:a:ibm:security_verify_access:10.0.1
Ibm » Security Verify Access » Version: 10.0.1.0

cpe:2.3:a:ibm:security_verify_access:10.0.1.0
Ibm » Security Verify Access » Version: 10.0.2

cpe:2.3:a:ibm:security_verify_access:10.0.2
Ibm » Security Verify Access » Version: 10.0.2.0

cpe:2.3:a:ibm:security_verify_access:10.0.2.0
Ibm » Security Verify Access » Version: 10.0.3

cpe:2.3:a:ibm:security_verify_access:10.0.3
Ibm » Security Verify Access » Version: 10.0.3.0

cpe:2.3:a:ibm:security_verify_access:10.0.3.0
Ibm » Security Verify Access » Version: 10.0.4

cpe:2.3:a:ibm:security_verify_access:10.0.4
Ibm » Security Verify Access » Version: 10.0.4.0

cpe:2.3:a:ibm:security_verify_access:10.0.4.0
Ibm » Security Verify Access » Version: 10.0.5

cpe:2.3:a:ibm:security_verify_access:10.0.5
Ibm » Security Verify Access » Version: 10.0.6

cpe:2.3:a:ibm:security_verify_access:10.0.6
Ibm » Security Verify Access » Version: 10.0.7

cpe:2.3:a:ibm:security_verify_access:10.0.7
Ibm » Security Verify Access » Version: 10.0.7.1

cpe:2.3:a:ibm:security_verify_access:10.0.7.1
Ibm » Security Verify Access » Version: 10.0.8

cpe:2.3:a:ibm:security_verify_access:10.0.8
Ibm » Security Verify Access Docker » Version: 10.0.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.0
Ibm » Security Verify Access Docker » Version: 10.0.0.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.0
Ibm » Security Verify Access Docker » Version: 10.0.0.6

cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.6
Ibm » Security Verify Access Docker » Version: 10.0.0.7

cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.7
Ibm » Security Verify Access Docker » Version: 10.0.1.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.1.0
Ibm » Security Verify Access Docker » Version: 10.0.2.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.2.0
Ibm » Security Verify Access Docker » Version: 10.0.3.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.3.0
Ibm » Security Verify Access Docker » Version: 10.0.4.0

cpe:2.3:a:ibm:security_verify_access_docker:10.0.4.0
Ibm » Security Verify Access Docker » Version: 10.0.6.1

cpe:2.3:a:ibm:security_verify_access_docker:10.0.6.1
Ibm » Security Verify Access Docker » Version: 10.0.7

cpe:2.3:a:ibm:security_verify_access_docker:10.0.7
Ibm » Security Verify Access Docker » Version: 10.0.8

cpe:2.3:a:ibm:security_verify_access_docker:10.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-35133

Products

Pricing

Contact Us