CVE-2024-41741

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-41741
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7174572 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:txseries_for_multiplatforms:10.1:*:*:*:*:*:*:*
History

14 Nov 2024, 20:42

Type Values Removed Values Added
First Time Ibm
Ibm txseries For Multiplatforms
CPE cpe:2.3:a:ibm:txseries_for_multiplatforms:10.1:*:*:*:*:*:*:*
CWE CWE-203
Summary
  • (es) IBM TXSeries for Multiplatforms 10.1 podría permitir que un atacante determine nombres de usuario válidos debido a una discrepancia de tiempo observable que podría usarse en futuros ataques contra el sistema.
References () https://www.ibm.com/support/pages/node/7174572 - () https://www.ibm.com/support/pages/node/7174572 - Vendor Advisory

01 Nov 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-01 17:15

Updated : 2024-11-14 20:42

NVD link : CVE-2024-41741

Mitre link : CVE-2024-41741

CVE.ORG link : CVE-2024-41741

JSON object : View

Products Affected

ibm

  • txseries_for_multiplatforms
CWE
CWE-203

Observable Discrepancy

CWE-208

Observable Timing Discrepancy