Unrestricted File Upload Vulnerability in IBM InfoSphere Information Server
CVE-2024-40705

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 15 August 2024

Summary

The vulnerability in IBM InfoSphere Information Server allows authenticated users to perform unrestricted file uploads. This misconfiguration can lead to significant file space consumption, potentially disrupting normal operations and impacting system performance. Organizations using this product should assess their configurations to mitigate this risk.

References

https://www.ibm.com/support/pages/node/7160855

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/298279

VDB Entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 15, 2024