Skip to main content

Entirex CVE-2024-56493

LOW
Error Message Information Leak (CWE-209)
2025-02-27 psirt@us.ibm.com
3.3
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:28 vuln.today
CVE Published
Feb 27, 2025 - 15:15 nvd
LOW 3.3

DescriptionCVE.org

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.

AnalysisAI

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-209. IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. Affected products include: Ibm Entirex.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-54171 HIGH
7.1 Feb 06

IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. Rated high sev

CVE-2024-54169 MEDIUM
6.5 Feb 27

IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. Rated medium severity (CVS

CVE-2025-0158 MEDIUM
5.5 Feb 06

IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation. Ra

CVE-2024-54170 MEDIUM
5.5 Feb 27

IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an ineffi

CVE-2024-56812 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2024-56811 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2024-56810 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2024-56496 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2024-56495 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2024-56494 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

CVE-2025-0759 LOW
3.3 Feb 27

IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared reso

CVE-2024-56467 LOW
3.3 Feb 06

IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is ret

Share

CVE-2024-56493 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy