September 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple GitLab Products Vulnerabilities
August 14, 2024
Multiple SAP Products Vulnerabilities
August 14, 2024
Multiple GitLab Products Vulnerabilities
August 14, 2024
Multiple SAP Products Vulnerabilities
August 14, 2024
Severity
Medium
Analysis Summary
CVE-2024-41774 CVSS:5.5
IBM Common Licensing 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-40697 CVSS:7.5
IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
Impact
- Cross-site Scripting
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-41774
- CVE-2024-40697
Affected Vendors
IBM
Affected Products
- IBM Common Licensing 9.0
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.