CVE-2024-22315

Name of the Vulnerable Software and Affected Versions IBM Fusion and IBM Fusion HCI versions 2.3.0 through 2.8.2

Description The issue is related to insufficient restriction of the communication channel for given endpoints, which may allow an attacker to gain unauthorized access to protected information. An attacker who gains access to a Fusion container can establish an external network connection due to insecure network connection.

Recommendations For versions 2.3.0 through 2.8.2, update to a version that addresses the insecure network connection issue to prevent attackers from establishing external network connections. As a temporary workaround, consider restricting access to Fusion containers to minimize the risk of exploitation.