Lucene search
IbmCVE-2024-45076HistorySep 04, 2024 - 4:15 p.m.
CVE-2024-45076
2024-09-0416:15:08
CWE-434
ibm
web.nvd.nist.gov
39
ibm webmethods
integration
arbitrary files
authenticated user
operating system
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
20.0%
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.
Affected configurations
Node
ibmwebmethods_integrationMatch10.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | webmethods_integration | 10.15 | cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:* |
CNA Affected
[
{
"cpes": [
"cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webMethods Integration",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.15"
}
]
}
]References
Related
vulnrichment
vulnrichment
CVE-2024-45076 IBM webMethods Integration code execution
2024-09-04 15:59:07
nvd
nvd
CVE-2024-45076
2024-09-04 16:15:08
cvelist
cvelist
CVE-2024-45076 IBM webMethods Integration code execution
2024-09-04 15:59:07
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM webMethods Integration
2024-09-04 17:01:39
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
20.0%
Related for CVE-2024-45076