June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Ticketmaster Acknowledges Data Breach Following Online Sale of Stolen Data – Active IOCs
June 3, 2024
CVE-2024-21512 – Node.js MySQL2 Vulnerability
June 3, 2024
Ticketmaster Acknowledges Data Breach Following Online Sale of Stolen Data – Active IOCs
June 3, 2024
CVE-2024-21512 – Node.js MySQL2 Vulnerability
June 3, 2024
Severity
High
Analysis Summary
CVE-2024-22338 CVSS:4
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation.
CVE-2024-35142 CVSS:8.4
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.
CVE-2024-35141 CVSS:8.4
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges.
CVE-2024-35140 CVSS:7.7
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation.
Impact
- Information Disclosure
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-22338
- CVE-2024-35142
- CVE-2024-35141
- CVE-2024-35140
Affected Vendors
IBM
Affected Products
- IBM Security Verify Access OIDC Provider 22.09
- IBM Security Verify Access OIDC Provider 23.03
- IBM Security Verify Access Docker 10.0.0
- IBM Security Verify Access Docker 10.0.6
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.
