GitLab Urgently Fixes Critical Vulnerability Allowing Unauthorized Pipeline Job Execution

September 16, 2024

Bitter APT – Active IOCs

September 16, 2024

Multiple IBM WebMethods Integration Vulnerabilities

September 16, 2024

Severity

High

Analysis Summary

CVE-2024-45076 CVSS:9.9

IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.

CVE-2024-45075 CVSS:8.8

IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.

Impact

Code Execution
Privilege Escalation

Indicators of Compromise

CVE

CVE-2024-45076
CVE-2024-45075

Affected Vendors

IBM

Affected Products

IBM webMethods Integration 10.15

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

GitLab Urgently Fixes Critical Vulnerability Allowing Unauthorized Pipeline Job Execution

Bitter APT – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation