CVE-2024-45075
HIGHIBM webMethods Integration 10.15 - Privilege Escalation
Title source: llmDescription
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
patch
https://www.ibm.com/support/pages/node/7167245
Scores
CVSS v3
8.8
EPSS
0.0020
EPSS Percentile
42.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-306
Status
published
Products (1)
ibm/webmethods_integration
10.15
Published
Sep 04, 2024
Tracked Since
Feb 18, 2026