Severity
Medium
Analysis Summary
CVE-2024-45644 CVSS:4.7
IBM Security ReaQta could allow a remote authenticated attacker to upload or transfer malicious files, which could be automatically processed within the product's environment.
CVE-2024-31896 CVSS:5.9
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Impact
- Information Disclosure
- Gain Access
Indicators of Compromise
CVE
CVE-2024-45644
CVE-2024-31896
Affected Vendors
- IBM
Affected Products
- IBM Security ReaQta - 3.12
- IBM SPSS Statistics - 26.0
- IBM SPSS Statistics - 27.0.1
- IBM SPSS Statistics - 28.0.1
- IBM SPSS Statistics - 29.0.2
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.