IBM Security Verify Access impacted by dozens of bugs

6 November 2024

Malicious multi-factor authenticators could be added by threat actors to ISVA through the abuse of the solution’s authentication bypass issue and back-end access, which could then allow complete infrastructure takeovers, noted Barre. “Note that even with network restrictions, a low privileged user on a trusted machine can fully compromise the authentication solution, since the back-end used to manage the entire authentication infrastructure can be reached without authentication by sending a specific HTTP header,”

Source: SC Magazine

Date:

6 November 2024

Categorie(s):

NEWS

Tag(s):

Access, IBM Security, IT, Verify, Vulnerability Management

Updated whitepaper: Architecting for PCI DSS Segmentation and Scoping on AWS15 November 2024
Cybersecurity dominates concerns among the C-suite, small businesses and the nation15 November 2024
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitary Code Remotely15 November 2024
ServiceNow eyes generative AI governance as a competitive advantage – launches new tools15 November 2024
Bitfinex burglar bags 5 years behind bars for Bitcoin heist15 November 2024