Description

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context.

INFO

Published Date :

2025-02-05T11:30:05.572Z

Last Modified :

2025-02-22T21:00:11.012Z

Source :

ibm
AFFECTED PRODUCTS

The following products are affected by CVE-2024-49348 vulnerability.

Vendors Products
Ibm
  • Cloud Pak For Business Automation
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49348.

URL Resource
https://www.ibm.com/support/pages/node/7182403 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact