PT-2025-1092 · IBM · IBM Engineering Lifecycle Optimization - Publishing

Published: 2025-01-03 · Updated: 2025-01-04 · CVE-2024-41768

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions

IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 through 7.0.3

Description

The issue is related to the implementation of TLS and SSL protocols in the software, which is associated with inadequate access control. Exploitation of this issue could allow a remote attacker to cause an unhandled SSL exception, potentially leaving the connection in an unexpected or insecure state.

Recommendations

For versions 7.0.2 and 7.0.3, consider disabling the SSL functionality until a patch is available to prevent potential exploitation. Restrict access to the software to minimize the risk of exploitation by a remote attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2025-00347
CVE-2024-41768

Affected Products

IBM Engineering Lifecycle Optimization - Publishing