Cyber Resilience

CVE-2024-7577

Medium

Published: 29 March 2025

Published
29 March 2025
Modified
08 July 2025
KEV Added
Patch
CVSS Score v3.1 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0018 39.2th percentile
Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-7577 is a medium-severity Insertion of Sensitive Information into Log File (CWE-532) vulnerability in Ibm Infosphere Information Server. Its CVSS base score is 4.4 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001); ranked at the 39.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AU-3 (Content of Audit Records) and AU-9 (Protection of Audit Information).

Deeper analysis

CVE-2024-7577 is a vulnerability in IBM InfoSphere Information Server 11.7 that could allow disclosure of sensitive user credentials from log files during a new installation of the product. This issue stems from CWE-532 (Insertion of Sensitive Information into Log File) and has a CVSS v3.1 base score of 4.4 (AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N), indicating medium severity primarily due to high confidentiality impact.

Exploitation requires a high-privileged user (PR:H) with network access (AV:N) to the affected system, though it involves high attack complexity (AC:H) and no user interaction (UI:N). A successful attacker could achieve high-impact unauthorized access to sensitive credentials stored in the log files, but with no impact on integrity or availability and unchanged scope (S:U).

For mitigation details, refer to the IBM security advisory at https://www.ibm.com/support/pages/node/7185020, which was published on 2025-03-29.

EU & UK References

Vulnerability details

IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1552.001 Credentials In Files Credential Access
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

The vulnerability directly inserts sensitive credentials into log files (CWE-532), enabling adversaries to discover and access unsecured credentials stored in files on the local system.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-36258Same product: Ibm Aix
CVE-2025-14974Same product: Ibm Aix
CVE-2024-52363Same product: Ibm Aix
CVE-2024-51459Same product: Ibm Aix
CVE-2025-13855Same product: Ibm Aix
CVE-2026-8855Same product: Ibm Aix
CVE-2026-6052Same product: Ibm Aix
CVE-2026-8850Same product: Ibm Aix
CVE-2024-41783Same product: Ibm Aix
CVE-2026-8856Same product: Ibm Aix

Affected Assets

ibm
infosphere information server
11.7 — 11.7.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AU-3 defines and limits the content of audit records to exclude sensitive information such as credentials, directly preventing insertion of sensitive data into log files as in CWE-532.

prevent

AU-9 requires protection of audit information from unauthorized access or disclosure, mitigating exposure of credentials in log files even to high-privileged users.

detect

AU-13 monitors system outputs including logs for unauthorized disclosure of sensitive information, enabling detection of credential exposure during installation.

References