Cross-Site Request Forgery Vulnerability in IBM Storage TS4500 Library
CVE-2024-43192

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Storage Ts4500 Library
Vendor: CVE Published:; 27 September 2025

What is CVE-2024-43192?

The IBM Storage TS4500 Library versions 1.11.0.0 and 2.11.0.0 are susceptible to a cross-site request forgery (CSRF) vulnerability. This flaw allows attackers to potentially perform unauthorized actions by exploiting the trust a user's browser has established with the server. Attackers can craft malicious requests that mimic legitimate user actions, posing significant security risks. It is critical for users and administrators to implement necessary security practices and updates to mitigate this vulnerability effectively.

Affected Version(s)

Storage TS4500 Library 1.11.0.0

Storage TS4500 Library 2.11.0.0

References

https://www.ibm.com/support/pages/node/7246245

vendor-advisorypatch

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 27, 2025
Vulnerability Reserved
Aug 7, 2024

JSON