← Back

CVE-2024-56476

nvd nist
Published: Apr 2, 2025Modified: Jul 15, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: psirt@us.ibm.com (Secondary)

Description

IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy.

Affected (2)

Ibm
1 product
Txseries For Multiplatforms
Configuration A
2 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Ibm
Txseries For Multiplatforms
Version 11.1
Txseries For Multiplatforms
Version 9.1
Running on/withPlatform Versions
Ibm
Aix
All versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-204
Observable Response Discrepancy
The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

References (1)

Source: psirt@us.ibm.com
Vendor Advisory

Timeline

No history available yet.