Malicious File Upload Vulnerability in IBM Analytics Content Hub
CVE-2024-39752

6.8MEDIUM

Key Information:

Vendor: IBM
Status: Analytics Content Hub
Vendor: CVE Published:; 10 July 2025

What is CVE-2024-39752?

IBM Analytics Content Hub versions 2.0 through 2.3 are susceptible to a security weakness that allows attackers to upload malicious executable files. By bypassing file type validation during the content exploration process, this vulnerability enables the execution of harmful scripts within the application environment. As a result, compromised systems may face additional risks, including unauthorized access and data breaches, underscoring the importance of implementing strict file upload controls.

Affected Version(s)

Analytics Content Hub 2.0, 2.1, 2.2, 2.3

References

https://www.ibm.com/support/pages/node/7234122

vendor-advisory

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Jun 28, 2024