Overview
IBM has released updates to fix vulnerabilities in their products. Users of affected versions are advised to update to the latest version.
Affected Products
CVE-2024-40697
- IBM Common Licensing version: 9.0 (Agent)
- IBM Common Licensing version: 9.0 (ART)
Resolved Vulnerabilities
Vulnerability in not requiring users to have strong passwords, which could allow attackers to compromise user accounts (CVE-2024-40697)
Vulnerability Patches
Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-40697
- Updated based on “Remediation/Fixes” on the referenced site[2]
Referenced Sites
[1] CVE-2024-40697 Detail
https://nvd.nist.gov/vuln/detail/cve-2024-40697
[2] Security Bulletin: IBM Common Licensing is affected by a Weak Password Policy vulnerability (CVE-2024-40697)
https://www.ibm.com/support/pages/node/7165250
Article Link: IBM Product Security Update Advisory (CVE-2024-40697) – ASEC