Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-22320

Опубликовано: 02 фев. 2024
Источник: nvd
CVSS3: 9.8
CVSS3: 8.8
EPSS Критический

Описание

IBM Operational Decision Manager 8.10.3 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:operational_decision_manager:8.10.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:operational_decision_manager:8.10.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:operational_decision_manager:8.10.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:operational_decision_manager:8.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:operational_decision_manager:8.11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:operational_decision_manager:8.12.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.92327
Критический

9.8 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-502

Связанные уязвимости

github логотип

GHSA-5pq5-cp3w-7chj

CVSS3: 9.8
github
около 2 лет назад

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.

EPSS

Процентиль: 100%
0.92327
Критический

9.8 Critical

CVSS3

8.8 High

CVSS3

Дефекты

CWE-502