CVE-2024-54181

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Automation version 1.7.5

Description: The vulnerability in the IBM WebSphere Automation platform's Swagger interface is related to the failure to neutralize special elements used in operating system commands. This could allow a remote privileged user with authorized access to the Swagger UI to execute arbitrary code using specially crafted input.

Recommendations: For IBM WebSphere Automation version 1.7.5, consider disabling access to the Swagger UI until a patch is available to prevent potential exploitation. Restrict access to the system to minimize the risk of arbitrary code execution. Avoid using specially crafted input in the Swagger UI to prevent exploitation of this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.