IBM98FE22897608D64DA483BEC8435CE4934113F279583A423C5ACB4B69F6770514Security Bulletin: IBM Resilient SOAR is vulnerable to command injection (CVE-2024-38319)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Summary
It was possible for a privileged user to inject malicious commands that could be executed as another user. This issue has been addressed.
Vulnerability Details
CVEID:CVE-2024-38319
**DESCRIPTION:**IBM Security SOAR could allow an authenticated user to execute malicious code loaded from a specially crafted script.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/294830 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
IBM strongly encourages customers to update their systems promptly.
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security SOAR | 51.0.2.0 and earlier |
Remediation/Fixes
Updated versions of the IBM Security SOAR Platform prevent this issue and are available for download at Release Download Locations.
Users should upgrade as soon as convenient. The upgrade instructions are available on IBM Documentation at <https://www.ibm.com/docs/en/sqsp/51?topic=51021-upgrade-notes>.
Workarounds and Mitigations
None
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security soar | le | 51.0.2.0 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%