CVE-2024-28787

8.7 HIGH

📋 TL;DR

This vulnerability in IBM Security Verify Access and IBM Application Gateway allows remote attackers to obtain sensitive information or cause denial of service via specially crafted HTTP requests. It affects IBM Security Verify Access versions 10.0.0 through 10.0.7 and IBM Application Gateway versions 20.01 through 24.03. The high CVSS score of 8.7 indicates significant risk.

💻 Affected Systems

Products:
  • IBM Security Verify Access
  • IBM Application Gateway
Versions: IBM Security Verify Access 10.0.0-10.0.7, IBM Application Gateway 20.01-24.03
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments within affected version ranges are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with exfiltration of highly sensitive authentication data and credentials, leading to full organizational breach.

🟠

Likely Case

Information disclosure of private configuration data or denial of service affecting application availability.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires specially crafted HTTP requests but no authentication, making exploitation straightforward for attackers who discover the technique.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: IBM Security Verify Access 10.0.8+, IBM Application Gateway 24.04+

Vendor Advisory: https://www.ibm.com/support/pages/node/7145828

Restart Required: Yes

Instructions:

1. Download patches from IBM Fix Central.
2. Apply patches according to IBM documentation.
3. Restart affected services.
4. Verify patch application.

🔧 Temporary Workarounds

Network Access Restriction

Restrict access to affected systems to trusted IP addresses only

# Use firewall rules to limit access; replace TRUSTED_NET with your trusted source network (CIDR).
# The ACCEPT rule must precede the DROP rule so trusted traffic is matched first.
iptables -A INPUT -p tcp --dport 443 -s TRUSTED_NET -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation and firewall rules to limit access to affected systems
  • Deploy web application firewall (WAF) with rules to block suspicious HTTP request patterns

🔍 How to Verify

Check if Vulnerable:

Check version numbers in IBM Security Verify Access or IBM Application Gateway administration console

Check Version:

# For IBM Security Verify Access: Check admin console or product documentation
# For IBM Application Gateway: Check gateway configuration or administration interface

Verify Fix Applied:

Verify version is updated to IBM Security Verify Access 10.0.8+ or IBM Application Gateway 24.04+

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP request patterns
  • Multiple malformed requests from single sources
  • Error logs showing request processing failures

Network Indicators:

  • HTTP requests with unusual headers or parameters
  • Repeated connection attempts to vulnerable endpoints

SIEM Query:

source="ibm_gateway" AND (http_request contains "malformed" OR http_status=500) | stats count by src_ip
