CVE-2024-28765 MEDIUM

CVE-2024-28765: Security vulnerability was found in IBM Security Directory Integrator

Vendor Ibm
Product SDI
Weakness CWE-209 · Error message info leak
Published May 27, 2026
Last update May 28, 2026

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

Key dates

02Disclosure timeline

May 27, 2026 CVE published
May 28, 2026 Record updated