Multiple IBM Verify Identity Access Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-56342 CVSS:4.3

IBM Verify Identity Access Digital Credentials could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

CVE-2024-56343 CVSS:4.3

IBM Verify Identity Access Digital Credentials could allow an authenticated user to crash the service with a specially crafted POST request.

Impact

Information Disclosure
Denial of Service

Indicators of Compromise

CVE

CVE-2024-56342
CVE-2024-56343

Affected Vendors

Affected Products

IBM Verify Identity Access Digital Credentials - 24.06

Remediation

Refer to the IBM Security Advisory for patch, upgrade, or suggested workaround information.

IBM Security Advisory

CVE-2025-47966 – Microsoft Power Automate Vulnerability

Chrome Extensions Vulnerability Exposes API Keys, Secrets, and Tokens

Multiple IBM Verify Identity Access Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan