Vulnerability Description
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Integration Bus | >= 10.1, <= 10.1.0.3 |
| Ibm | Z\/Os | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/284564VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7140678PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/284564VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7140678PatchVendor Advisory
FAQ
What is CVE-2024-27265?
CVE-2024-27265 is a vulnerability with a CVSS score of 4.5 (MEDIUM). IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that ...
How severe is CVE-2024-27265?
CVE-2024-27265 has been rated MEDIUM with a CVSS base score of 4.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27265?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Integration Bus, Ibm Z\/Os, Linux Linux Kernel, Microsoft Windows.