CVE-2024-22319
published 2024-02-02CVE-2024-22319: IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
| ibm | operational_decision_manager | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck8.1HIGH