Lucene search

CVE-2024-31897

🗓️ 08 Jul 2024 03:02:15Reported by ibmType

IBM Cloud Pak for Business Automation 18.0.0 and higher versions vulnerable to SSRF

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Vulnrichment	CVE-2024-31897 IBM Cloud Pak for Business Automation server-side request forgery	8 Jul 202402:01	–	vulnrichment
Cvelist	CVE-2024-31897 IBM Cloud Pak for Business Automation server-side request forgery	8 Jul 202402:01	–	cvelist
CNVD	IBM Cloud Pak for Business Automation Server-Side Request Forgery Vulnerability	10 Jul 202400:00	–	cnvd
IBM Security Bulletins	Security Bulletin: IBM Content Navigator is vulnerable to Cross Site Port Attack due to Daeja ViewONE (CVE-2024-31897)	2 Aug 202403:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for June 2024.	29 Jan 202521:09	–	ibm
NVD	CVE-2024-31897	8 Jul 202403:15	–	nvd

Nvd

Vulners

Node

ibm cloud_pak_for_business_automationRange18.0.0–18.0.2

ibm cloud_pak_for_business_automationRange19.0.1–19.0.3

ibm cloud_pak_for_business_automationRange20.0.1–20.0.3

ibm cloud_pak_for_business_automationMatch21.0.1-

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_005

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_006

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_007

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_008

ibm cloud_pak_for_business_automationMatch21.0.3-

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_001

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_002

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_003

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_004

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_005

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_006

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_007

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_008

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_009

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_010

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_011

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_012

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_013

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_014

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_015

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_016

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_017

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_018

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_019

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_020

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_021

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_022

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_023

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_024

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_025

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_026

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_028

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_029

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_030

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_031

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_032

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_033

ibm cloud_pak_for_business_automationMatch22.0.1-

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_005

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_006

ibm cloud_pak_for_business_automationMatch22.0.2-

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_001

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_002

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_003

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_004

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_005

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_006

ibm cloud_pak_for_business_automationMatch23.0.1-

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch23.0.2-

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_001

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_002

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_003

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_004

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_005

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:21.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:22.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:22.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:23.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:23.0.2:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Cloud Pak for Business Automation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, 23.0.2"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/288178
ibm	www.ibm.com/support/pages/node/7159332

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Jul 2024 03:15Current

4.4Medium risk

Vulners AI Score4.4

CVSS34.3

EPSS0.00059

SSVC

CWE-918