January 24, 2025
Severity
Medium
Analysis Summary
CVE-2024-52906 CVSS:5.5
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service.
CVE-2024-47102 CVSS:5.5
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service.
CVE-2024-51463 CVSS:5.4
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2024-51466 CVSS:9.0
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to Expression Language (EL) injection. A remote attacker could exploit this vulnerability with a specially crafted EL statement to expose sensitive information, consume memory resources, and/or cause the server to crash.
CVE-2024-49336 CVSS:6.5
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2024-49816 CVSS:4.9
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user.
CVE-2025-23227 CVSS:6.4
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
Impact
- Information Disclosure
- Denial of Service
- Cross-site Scripting
- Gain Access
Indicators of Compromise
CVE
CVE-2024-52906
CVE-2024-47102
CVE-2024-51463
CVE-2024-51466
CVE-2024-49336
CVE-2024-49816
CVE-2025-23227
Affected Vendors
- IBM
Affected Products
- IBM Cognos Analytics - 11.2.0 through 11.2.4 FP4
- IBM Cognos Analytics - 12.0.0 through 12.0.4
- IBM AIX - 7.2
- IBM AIX - 7.3
- IBM VIOS - 3.1
- IBM VIOS - 4.1
- IBM i - 7.3
- IBM i - 7.4
- IBM i - 7.5
- IBM Security Guardium - 11.5
- IBM Security Guardium Key Lifecycle Manager - 4.1
- IBM Security Guardium Key Lifecycle Manager - 4.1.1
- IBM Security Guardium Key Lifecycle Manager - 4.2.0
- IBM Security Guardium Key Lifecycle Manager - 4.2.1
- IBM Tivoli Application Dependency Discovery Manager - 7.3.0.0 through 7.3.0.11
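The version ranges in the Analysis Summary are what an asset owner has to match against an inventory, and the ranges mix styles (single releases, "through" ranges, a fix-pack bound such as 11.2.4 FP4). The script below is an added example, not code from the advisory or from IBM: it encodes the ranges as stated above and flags which of the listed CVEs apply to each inventory entry. The inventory lines, hostnames and function names are constructed for illustration, and the version-comparison rule (every numeric field is a release component in precedence order, and a bound with fewer fields covers all deeper levels of that release) is an assumption of this example, not IBM's versioning scheme. An entry outside every listed range is reported as "not in a listed range", which is not the same as unaffected; the IBM advisory for each CVE is the authority on fixed levels.

```python
"""Match an asset inventory against the affected version ranges from the
advisory above. Added example; the inventory, hostnames and function names
are constructed for illustration, not taken from IBM or the advisory."""
from __future__ import annotations

import re

# Affected ranges as stated in the Analysis Summary, keyed by product:
# (lowest affected, highest affected, CVEs). A single release is low == high.
AFFECTED: dict[str, list[tuple[str, str, tuple[str, ...]]]] = {
    "IBM AIX": [
        ("7.2", "7.2", ("CVE-2024-52906", "CVE-2024-47102")),
        ("7.3", "7.3", ("CVE-2024-52906", "CVE-2024-47102")),
    ],
    "IBM VIOS": [
        ("3.1", "3.1", ("CVE-2024-52906", "CVE-2024-47102")),
        ("4.1", "4.1", ("CVE-2024-52906", "CVE-2024-47102")),
    ],
    "IBM i": [("7.3", "7.5", ("CVE-2024-51463",))],
    "IBM Cognos Analytics": [
        ("11.2.0", "11.2.4 FP4", ("CVE-2024-51466",)),
        ("12.0.0", "12.0.4", ("CVE-2024-51466",)),
    ],
    "IBM Security Guardium": [("11.5", "11.5", ("CVE-2024-49336",))],
    "IBM Security Guardium Key Lifecycle Manager": [
        ("4.1", "4.1", ("CVE-2024-49816",)),
        ("4.1.1", "4.1.1", ("CVE-2024-49816",)),
        ("4.2.0", "4.2.0", ("CVE-2024-49816",)),
        ("4.2.1", "4.2.1", ("CVE-2024-49816",)),
    ],
    "IBM Tivoli Application Dependency Discovery Manager": [
        ("7.3.0.0", "7.3.0.11", ("CVE-2025-23227",)),
    ],
}


def parse_version(text: str) -> tuple[int, ...]:
    """'11.2.4 FP4' -> (11, 2, 4, 4); '7.3 TL2 SP1' -> (7, 3, 2, 1).
    Assumption of this example: each numeric field is a release component,
    listed in precedence order (release, then TL/fix pack, then SP)."""
    return tuple(int(n) for n in re.findall(r"\d+", text))


def _pad(t: tuple[int, ...], width: int) -> tuple[int, ...]:
    """Right-pad with zeros so tuples of different depth compare sanely."""
    return t + (0,) * (width - len(t))


def in_range(version: str, low: str, high: str) -> bool:
    """True if version lies within [low, high].
    The lower bound is compared with zero padding, so '11.2.0 FP1' >= '11.2.0'.
    The upper bound is compared on its own depth only, so a bound of '7.3'
    covers every TL/SP of 7.3, while '11.2.4 FP4' excludes '11.2.4 FP5'."""
    v, lo, hi = parse_version(version), parse_version(low), parse_version(high)
    width = max(len(v), len(lo))
    return _pad(lo, width) <= _pad(v, width) and v[: len(hi)] <= hi


def cves_for(product: str, version: str) -> list[str]:
    """Return the advisory CVEs whose listed ranges cover this product/version,
    deduplicated and in advisory order. An empty list means 'not in a listed
    range', which does not by itself prove the install is unaffected."""
    hits: list[str] = []
    for low, high, cves in AFFECTED.get(product, []):
        if in_range(version, low, high):
            for cve in cves:
                if cve not in hits:
                    hits.append(cve)
    return hits


# Constructed sample inventory (hostnames and levels are made up).
INVENTORY = [
    ("aix-db01", "IBM AIX", "7.3 TL2 SP1"),
    ("vios-01", "IBM VIOS", "4.1"),
    ("cognos-prd", "IBM Cognos Analytics", "11.2.4 FP3"),
    ("cognos-dev", "IBM Cognos Analytics", "11.2.4 FP5"),
    ("ibmi-erp", "IBM i", "7.4"),
    ("gklm-01", "IBM Security Guardium Key Lifecycle Manager", "4.1.1"),
    ("taddm-01", "IBM Tivoli Application Dependency Discovery Manager", "7.3.0.12"),
]


def check_inventory(inventory):
    """Annotate each (host, product, version) with its matching CVEs."""
    return [(h, p, v, cves_for(p, v)) for h, p, v in inventory]


if __name__ == "__main__":
    for host, product, version, cves in check_inventory(INVENTORY):
        status = ", ".join(cves) if cves else "not in a listed range (confirm fix level with IBM)"
        print(f"{host:12} {product} {version}: {status}")
```

Feed it real inventory from whatever CMDB or `oslevel -s` / product-level export you have, keeping the product names identical to the keys in AFFECTED; an unknown product name silently matches nothing, so validate the keys before trusting a clean run.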
Remediation
Refer to the appropriate IBM Security Advisory for the patch, upgrade, or suggested workaround information.