Cross-Site Request Forgery Vulnerability in IBM ApplinX 11.1
CVE-2024-49795

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Applinx
Vendor: CVE Published:; 6 February 2025

What is CVE-2024-49795?

IBM ApplinX 11.1 is affected by a cross-site request forgery vulnerability that may allow attackers to execute unauthorized actions by sending crafted requests from a trusted user. This means that if an attacker manipulates a logged-in user's browser, they can force the user to perform actions without their consent, potentially compromising data integrity and user safety.

Affected Version(s)

ApplinX 11.1

References

https://www.ibm.com/support/pages/node/7182522

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2025