Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:27 a.m.19 views

Security Bulletin: IBM WebSphere Automation is vulnerable to an unauthorized code or commands execution weakness (CVE-2024-54181)

Summary IBM WebSphere Automation is vulnerable to an unauthorized code or commands execution weakness. Vulnerability Details CVEID:CVE-2024-54181 DESCRIPTION: IBM WebSphere Automation could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Usi...

7.2CVSS7.5AI score0.00973EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/30 2:15 p.m.33 views

CVE-2024-54181

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...

7.2CVSS0.00973EPSS
Exploits0References1
Circl
Circl
added 2024/12/30 1:48 p.m.10 views

CVE-2024-54181

creationtimestamp| type| source ---|---|--- 2024-12-30 13:48:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113742088456394313 2024-12-30 15:57:53+00:00| seen| https://t.me/cvedetector/13933...

7.2CVSS4.8AI score0.00973EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/30 1:41 p.m.38 views

CVE-2024-54181 IBM WebSphere Automation command injection

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...

7.2CVSS0.00973EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/30 1:41 p.m.7 views

CVE-2024-54181 IBM WebSphere Automation command injection

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...

7.2CVSS7.7AI score0.00973EPSS
Exploits0References1
CVE
CVE
added 2024/12/30 1:41 p.m.77 views

CVE-2024-54181

IBM WebSphere Automation 1.7.5 is vulnerable to an OS Command Injection due to improper neutralization of inputs in the Swagger UI. A remote privileged user with Swagger UI access can execute arbitrary code on the system. IBM’s security bulletin confirms affected version 1.7.5 and recommends upgr...

7.2CVSS7.2AI score0.00973EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder