CVE-2024-49794

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7182522	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:applinx:11.1.0:*:*:*:*:*:*:*

History

12 Feb 2025, 19:01

Type	Values Removed	Values Added
CPE		cpe:2.3:a:ibm:applinx:11.1.0:::::::*
First Time		Ibm Ibm applinx
Summary		(es) IBM ApplinX 11.1 es vulnerable a cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que el sitio web confía.
References	~~() https://www.ibm.com/support/pages/node/7182522 -~~	() https://www.ibm.com/support/pages/node/7182522 - Vendor Advisory

06 Feb 2025, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-06 00:15

Updated : 2025-02-12 19:01

NVD link : CVE-2024-49794

Mitre link : CVE-2024-49794

CVE.ORG link : CVE-2024-49794

JSON object : View

Products Affected

ibm

applinx

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

4.3 /10