CVE-2024-28766 LOW

CVE-2024-28766: IBM Security Directory Integrator information disclosure

Vendor Ibm
Product Security Directory Integrator
Weakness CWE-548 · Directory listing
Published January 27, 2025
Last update February 12, 2025

CVSS base score

2.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system.

Key dates

02Disclosure timeline

January 27, 2025 CVE published
February 12, 2025 Record updated