Lucene search
IbmCVE-2024-45075HistorySep 04, 2024 - 4:15 p.m.
CVE-2024-45075
2024-09-0416:15:08
CWE-308
ibm
web.nvd.nist.gov
27
ibm webmethods integration
authenticated user
privilege escalation
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
20.0%
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.
Affected configurations
Node
ibmwebmethods_integrationMatch10.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | webmethods_integration | 10.15 | cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:* |
CNA Affected
[
{
"cpes": [
"cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webMethods Integration",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.15"
}
]
}
]References
Related
vulnrichment
vulnrichment
CVE-2024-45075 IBM webMethods Integration privilege escalation
2024-09-04 16:01:17
cvelist
cvelist
CVE-2024-45075 IBM webMethods Integration privilege escalation
2024-09-04 16:01:17
nvd
nvd
CVE-2024-45075
2024-09-04 16:15:08
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM webMethods Integration
2024-09-04 17:01:39
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
20.0%
Related for CVE-2024-45075