CVE-2024-37528

🗓️ 08 Jul 2024 02:21:50Reported by ibmType

IBM Cloud Pak for Business Automation 18.0.0 and later versions vulnerable to cross-site scriptin

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-37528	8 Jul 202406:08	–	circl
CNNVD	IBM Cloud Pak for Business Automation 跨站脚本漏洞	8 Jul 202400:00	–	cnnvd
CNVD	IBM Cloud Pak for Business Automation Cross-Site Scripting Vulnerability (CNVD-2024-31390)	10 Jul 202400:00	–	cnvd
Cvelist	CVE-2024-37528 IBM Cloud Pak for Business Automation cross-site scripting	8 Jul 202402:21	–	cvelist
IBM Security Bulletins	Security Bulletin: Vulnerability affect IBM Business Automation Workflow - CVE-2024-37528	4 Jul 202412:48	–	ibm
EUVD	EUVD-2024-36732	3 Oct 202520:07	–	euvd
NVD	CVE-2024-37528	8 Jul 202403:15	–	nvd
OSV	CVE-2024-37528	8 Jul 202403:15	–	osv
Positive Technologies	PT-2024-27629 · Ibm · Ibm Cloud Pak For Business Automation	7 Jul 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-37528	23 May 202507:43	–	redhatcve

NVD

Vulners

Node

ibm cloud_pak_for_business_automationRange18.0.0–18.0.2

ibm cloud_pak_for_business_automationRange19.0.1–19.0.3

ibm cloud_pak_for_business_automationRange20.0.1–20.0.3

ibm cloud_pak_for_business_automationMatch21.0.1-

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_005

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_006

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_007

ibm cloud_pak_for_business_automationMatch21.0.1interim_fix_008

ibm cloud_pak_for_business_automationMatch21.0.3-

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_001

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_002

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_003

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_004

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_005

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_006

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_007

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_008

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_009

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_010

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_011

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_012

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_013

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_014

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_015

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_016

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_017

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_018

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_019

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_020

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_021

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_022

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_023

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_024

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_025

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_026

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_028

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_029

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_030

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_031

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_032

ibm cloud_pak_for_business_automationMatch21.0.3interim_fix_033

ibm cloud_pak_for_business_automationMatch22.0.1-

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_005

ibm cloud_pak_for_business_automationMatch22.0.1interim_fix_006

ibm cloud_pak_for_business_automationMatch22.0.2-

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_001

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_002

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_003

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_004

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_005

ibm cloud_pak_for_business_automationMatch22.0.2interim_fix_006

ibm cloud_pak_for_business_automationMatch23.0.1-

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_001

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_002

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_003

ibm cloud_pak_for_business_automationMatch23.0.1interim_fix_004

ibm cloud_pak_for_business_automationMatch23.0.2-

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_001

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_002

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_003

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_004

ibm cloud_pak_for_business_automationMatch23.0.2interim_fix_005

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:19.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:20.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:21.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:22.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:22.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:23.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:cloud_pak_for_business_automation:23.0.2:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Cloud Pak for Business Automation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, 23.0.2"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7159332
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/294293

21 Nov 2024 09:24Current

4.9Medium risk

Vulners AI Score4.9

CVSS 3.14.8 - 5.4

EPSS0.0011

SSVC

CWE-79