CVE-2024-45674 LOW

CVE-2024-45674: IBM Security Verify Bridge information disclosure

Vendor Ibm
Product Security Verify Bridge Directory Sync
Weakness CWE-532 · Sensitive info in logs
Published February 21, 2025
Last update August 15, 2025

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user.

Key dates

02Disclosure timeline

February 21, 2025 CVE published
August 15, 2025 Record updated

Related vulnerabilities

04Related CVE