CVE-2024-45075

8.8HIGH

Key Information

Vendor: IBM
Status: Webmethods Integration
Vendor: CVE Published:; 4 September 2024

Summary

IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 4, 2024

Collectors

NVD Database