CVE-2024-49336

CWE-918Server-Side Request Forgery (SSRF)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 85.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium
Timeline
PublishedDec 19

Description

IBM Security Guardium 11.5 and 12.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

CVEListV5ibm/security_guardium11.5, 12.0
NVDibm/security_guardium11.5, 12.0+1

🔴Vulnerability Details

2
GHSA
GHSA-j5p5-v7rm-vgw7: IBM Security Guardium 112024-12-19
CVEList
IBM Security Guardium server-side request forgery2024-12-19
CVE-2024-49336 (MEDIUM CVSS 5.4) | IBM Security Guardium 11.5 and 12.0 | cvebase.io