CVERadar

CVE-2024-35143

Medium Severity

Ibm

SVRS

30/100

CVSSv3

9.1/10

EPSS

0.00087/1

CVE-2024-35143: Unauthenticated access to MongoDB in IBM Planning Analytics Local. This vulnerability allows a remote attacker to gain unauthorized access to the database due to missing password authentication.

CVE-2024-35143 affects IBM Planning Analytics Local versions 2.0 and 2.1, where the MongoDB server is exposed without password protection. This permits unauthorized remote connections, potentially leading to data breaches and system compromise. The CVSS score is 9.1 indicating critical severity, but the SOCRadar Vulnerability Risk Score (SVRS) is 30, suggesting a lower immediate threat level despite the inherent risk. Although the SVRS is low, the absence of authentication remains a significant security flaw. Immediate action is still required to implement authentication mechanisms and secure the MongoDB instance to prevent exploitation.

TAGS

No tags available

VECTOR STRING

CVSS:3.1

AV:N

AC:L

PR:N

UI:N

S:U

C:H

I:H

A:N

PUBLICATION DATE2024-08-04

LAST MODIFIED2024-09-11

SOCRadar

AI Insight

Description

CVE-2024-35143 is a vulnerability in IBM Planning Analytics Local 2.0 and 2.1 that allows a remote attacker to gain unauthorized access to the MongoDB database due to a lack of password authentication. The SVRS score of 46 indicates a moderate risk, highlighting the need for attention and appropriate mitigation measures.

Key Insights

Unprotected MongoDB Database: The vulnerability stems from the MongoDB database being accessible remotely without password protection, making it susceptible to unauthorized access and potential data breaches.
Remote Exploitation: Attackers can exploit this vulnerability remotely, increasing the risk of compromise for organizations with exposed MongoDB databases.
Data Theft and Manipulation: Unauthorized access to the database could lead to data theft, manipulation, or disruption, potentially impacting business operations and sensitive information.

Mitigation Strategies

Enable Password Authentication: Implement strong password authentication for the MongoDB database to prevent unauthorized access.
Restrict Network Access: Limit network access to the database to authorized users and devices to minimize the risk of remote exploitation.
Monitor and Audit: Regularly monitor and audit database activity to detect any suspicious or unauthorized access attempts.
Update Software: Apply the latest software updates and patches to address any known vulnerabilities and enhance overall security.

Additional Information

Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
Exploit Status: Active exploits have not been published.
CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.
In the Wild: There is no evidence that this vulnerability is currently being exploited in the wild.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

No news found for this CVE

Social Media

Vulmon Vulnerability Feed

@VulmonFeeds

2024-08-04

CVE-2024-35143 Unauthorized Access in IBM Planning Analytics Local via MongoDB IBM Planning Analytics Local 2.0 and 2.1 link to a MongoDB server. This document-based database system listens on a remote port. It a... https://t.co/Sn1B81u3S6

Affected Software

Configuration 1

Type	Vendor	Product
App	Ibm	planning_analytics_workspace

Configuration 2

Type	Vendor	Product
App	Ibm	planning_analytics_local

References

Reference	Link
[email protected]	https://exchange.xforce.ibmcloud.com/vulnerabilities/292420
[email protected]	https://www.ibm.com/support/pages/node/7157110

CWE Details

CWE ID	CWE Name	Description
CWE-306	Missing Authentication for Critical Function	The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence