
CVE-2024-22348

High Severity
SVRS
52/100

CVSSv3
5.3/10

EPSS
0.00038/1

CVE-2024-22348 affects IBM DevOps Velocity and IBM UrbanCode Velocity, exposing them to a Cross-Origin Resource Sharing (CORS) vulnerability. Because the application does not restrict the allowed origin to trusted domains, an attacker could perform unauthorized actions and steal sensitive data. Although the CVSS score is 5.3, the SOCRadar Vulnerability Risk Score (SVRS) is 52, indicating a moderate level of risk that requires attention. Successful exploitation of CVE-2024-22348 can lead to data breaches and unauthorized access to critical systems. Due to the CORS misconfiguration (CWE-942), attackers can bypass security measures and abuse the trust relationship between the user's browser and the vulnerable application. Even though the CVSS score isn't critical, the potential impact of this vulnerability should not be underestimated. Updating to the latest version is advised to fix this.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
2025-01-20
2025-01-21
SOCRadar AI Insight

Description

CVE-2024-22348 is a cross-site request forgery (CSRF) vulnerability affecting IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25. This vulnerability arises from the insecure configuration of Cross-Origin Resource Sharing (CORS), which allows an attacker to bypass security mechanisms by sending malicious requests from an untrusted domain. Consequently, an attacker could exploit this vulnerability to execute privileged actions or retrieve sensitive information within the affected applications. The SVRS score of 46 indicates a moderate vulnerability that requires attention and appropriate mitigation strategies.

Key Insights

  • Exploitable via Untrusted Domains: The vulnerability allows attackers to exploit the applications through untrusted domains, bypassing traditional security measures. This significantly broadens the potential attack surface.
  • Potential for Data Exfiltration: The vulnerability enables attackers to steal sensitive information from the affected applications, posing a severe risk to confidentiality.
  • Privilege Escalation: Attackers can potentially gain elevated privileges within the applications, allowing them to perform actions they are not authorized to do.
  • No Known Active Exploits: While no active exploits have been identified yet, the vulnerability is easily exploitable, and the severity of the potential consequences necessitates immediate attention.

Mitigation Strategies

  • Restrict CORS Configuration: Implement a strict CORS configuration that accepts cross-origin requests from trusted domains only. Configure the Access-Control-Allow-Origin header to name the specific origins that are acceptable, rather than reflecting the requesting origin or using a wildcard.
  • Update Applications: Ensure all affected IBM DevOps Velocity and IBM UrbanCode Velocity applications are updated to the latest patched versions.
  • Secure User Authentication: Implement robust user authentication mechanisms with strong passwords, multi-factor authentication, and regular password rotation.
  • Regular Vulnerability Scanning: Conduct regular vulnerability scans and penetration testing to identify and remediate security weaknesses.
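The first mitigation above is the one that directly addresses the CWE-942 pattern, so here is an added example of what it looks like in code. This is illustrative code written for this page, not IBM's implementation and not taken from the advisory; the origin names and the three policy functions are assumed for the demonstration. It contrasts an origin-reflecting policy (what a permissive cross-domain policy with untrusted domains amounts to), a substring "allowlist" that is still bypassable, and an exact-match allowlist, and runs all three over constructed sample Origin values so a reviewer can see which origins each policy would let read authenticated responses.

```javascript
// Added example, not code from the CVE record or from IBM DevOps/UrbanCode Velocity.
// Three ways a server might choose the Access-Control-Allow-Origin header, evaluated
// against constructed Origin values to show the CWE-942 pattern and a strict fix.

// Trusted origins: constructed placeholder values, not real deployments.
const TRUSTED_ORIGINS = new Set([
  "https://velocity.example.com",
  "https://ci.example.com",
]);

// Permissive: reflects whatever Origin the browser sent. Together with
// Allow-Credentials this lets any site the user visits make authenticated
// requests and read the responses, which is the CWE-942 pattern.
function corsHeadersPermissive(origin) {
  if (!origin) return {};
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
  };
}

// Sloppy: substring match against the trusted host names. Looks like an
// allowlist, but any origin that merely contains a trusted host name passes,
// including a different scheme or a different registrable domain.
function corsHeadersSloppy(origin) {
  if (!origin) return {};
  for (const trusted of TRUSTED_ORIGINS) {
    const host = new URL(trusted).hostname;
    if (origin.includes(host)) {
      return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
      };
    }
  }
  return {};
}

// Strict: exact match of the full origin (scheme + host + port) against the
// allowlist. Unknown origins get no CORS headers at all, so the browser blocks
// the cross-origin read. "Vary: Origin" keeps shared caches from serving one
// origin's allowed response to another.
function corsHeadersStrict(origin) {
  if (!origin || !TRUSTED_ORIGINS.has(origin)) return {};
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

// Config-review helper: which of the given origins would this policy allow?
function allowedOrigins(policy, origins) {
  return origins.filter(
    (o) => policy(o)["Access-Control-Allow-Origin"] !== undefined
  );
}

// Constructed sample Origin values a reviewer might test a deployment with.
const SAMPLE_ORIGINS = [
  "https://velocity.example.com",            // trusted
  "http://velocity.example.com",             // scheme downgrade of a trusted host
  "https://velocity.example.com.evil.test",  // trusted host used as a prefix
  "https://unrelated.test",                  // untrusted
];

const POLICIES = {
  permissive: corsHeadersPermissive,
  sloppy: corsHeadersSloppy,
  strict: corsHeadersStrict,
};

for (const [name, policy] of Object.entries(POLICIES)) {
  console.log(`${name}: allows ${JSON.stringify(allowedOrigins(policy, SAMPLE_ORIGINS))}`);
}
```

Only the strict policy limits the authenticated cross-origin read to the one origin that is actually trusted; the other two would also admit the downgraded-scheme and prefix-abuse origins, which is the kind of weakness the advisory's "trusted domain" handling describes. When reviewing a live server, the same check can be done by sending requests with different Origin headers and inspecting the response headers.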

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy
vuldb.com, 2025-01-20
CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy | A vulnerability was found in IBM UrbanCode Velocity and DevOps Velocity. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Trusted Domain Handler. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is known as CVE-2024-22348. The attack

Social Media

  • New post from https://t.co/uXvPWJy6tj (CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy) has been published on https://t.co/4CHV355oaR
  • New post from https://t.co/uXvPWJy6tj (CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy) has been published on https://t.co/xaTk5Mcjjn
  • CVE-2024-22348 IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.25 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privil… https://t.co/ukisuyNF3p

Affected Software

No affected software found for this CVE

References

Reference: [email protected]
Link: https://www.ibm.com/support/pages/node/7172750

CWE Details

CWE ID: CWE-942
CWE Name: Permissive Cross-domain Policy with Untrusted Domains
Description: The software uses a cross-domain policy file that includes domains that should not be trusted.
