Vulnerability Description
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted input, the attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 292641.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | WebSphere Application Server | >= 8.5.0.0, <= 8.5.5.25 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/292641 (VDB Entry, Vendor Advisory)
- https://www.ibm.com/support/pages/node/7159825 (Vendor Advisory)
FAQ
What is CVE-2024-35154?
CVE-2024-35154 is a vulnerability with a CVSS score of 7.2 (HIGH). IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted i...
How severe is CVE-2024-35154?
CVE-2024-35154 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-35154?
Check the references section above for vendor advisories and patch information. Affected products include: IBM WebSphere Application Server.