PT-2024-34641 · Ibm · Ibm App Connect Enterprise Certified Container
Published
2024-12-04
·
Updated
2025-08-14
·
CVE-2024-51465
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM App Connect Enterprise Certified Container versions 11.4 through 12.3
Description
The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. This could potentially lead to remote code execution.
Recommendations
For IBM App Connect Enterprise Certified Container versions 11.4 through 12.3, consider disabling the functionality that allows remote command execution until a patch is available. Restrict access to the system to minimize the risk of exploitation. Apply the patch provided by IBM as soon as it is available to fix the issue.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm App Connect Enterprise Certified Container