IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7172206 |
History
Sat, 16 Nov 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:ibm:soar:*:*:*:*:*:*:*:* |
Thu, 14 Nov 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 14 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism. | |
Title | IBM Security SOAR weak password recovery mechanism | |
First Time appeared |
Ibm
Ibm soar |
|
Weaknesses | CWE-640 | |
CPEs | cpe:2.3:a:ibm:soar:51.0.1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Ibm
Ibm soar |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2024-11-14T11:50:02.851Z
Updated: 2024-11-14T14:13:23.637Z
Reserved: 2024-09-03T13:50:43.964Z
Link: CVE-2024-45670
Vulnrichment
Updated: 2024-11-14T14:06:01.168Z
NVD
Status : Analyzed
Published: 2024-11-14T12:15:18.570
Modified: 2024-11-16T00:24:57.203
Link: CVE-2024-45670
Redhat
No data.