CVE-2024-45640

IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7180313	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:ibm:security_qradar_edr:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

15 Jul 2025, 20:17

Type	Values Removed	Values Added
First Time		Linux linux Kernel Ibm security Qradar Edr Linux Ibm
References	~~() https://www.ibm.com/support/pages/node/7180313 -~~	() https://www.ibm.com/support/pages/node/7180313 - Vendor Advisory
Summary		(es) IBM Security ReaQta 3.12 devuelve información confidencial en una respuesta HTTP que podría utilizarse en futuros ataques contra el sistema.
CPE		cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:a:ibm:security_qradar_edr::::::::

07 Jan 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-07 13:15

Updated : 2025-07-15 20:17

NVD link : CVE-2024-45640

Mitre link : CVE-2024-45640

CVE.ORG link : CVE-2024-45640

JSON object : View

Products Affected

ibm

security_qradar_edr

linux

linux_kernel

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

5.3 /10