CVE-2024-45075

IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.
References
Link Resource
https://www.ibm.com/support/pages/node/7167245 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*

History

06 Sep 2024, 16:45

Type Values Removed Values Added
References () https://www.ibm.com/support/pages/node/7167245 - () https://www.ibm.com/support/pages/node/7167245 - Vendor Advisory
First Time Ibm
Ibm webmethods Integration
CWE NVD-CWE-Other
CPE cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*

05 Sep 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) IBM webMethods Integration 10.15 podría permitir que un usuario autenticado cree tareas de planificador que le permitan escalar sus privilegios a administrador debido a la falta de autenticación.

04 Sep 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-04 16:15

Updated : 2024-09-06 16:45


NVD link : CVE-2024-45075

Mitre link : CVE-2024-45075

CVE.ORG link : CVE-2024-45075


JSON object : View

Products Affected

ibm

  • webmethods_integration
CWE
NVD-CWE-Other CWE-308

Use of Single-factor Authentication