Remote Command Execution Vulnerability in IBM App Connect Enterprise Certified Container
CVE-2024-51465

8.8HIGH

Key Information:

Vendor: IBM
Status: App Connect Enterprise Certified Container
Vendor: CVE Published:; 4 December 2024

What is CVE-2024-51465?

The vulnerability allows remote authenticated attackers to execute arbitrary commands on systems running IBM App Connect Enterprise Certified Container versions 11.4 to 12.3. By sending specially crafted requests, attackers can exploit this flaw to perform unauthorized actions, potentially leading to significant security breaches. Organizations using these versions should take immediate steps to assess their exposure and implement recommended security measures.

References

https://www.ibm.com/support/pages/node/7177814

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2024