CVE Radar

CVE-2024-49785

High Severity
SVRS: 53/100
CVSSv3: 5.4/10
EPSS: 0.00033/1

CVE-2024-49785: IBM watsonx.ai is vulnerable to cross-site scripting (XSS). The flaw lets an authenticated user inject malicious JavaScript into the web UI, potentially leading to credential disclosure. It affects IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3. Successful exploitation could compromise user sessions and sensitive data. Despite a moderate CVSS score of 5.4, this XSS vulnerability allows an attacker to run arbitrary JavaScript within a victim's browser session, leading to potential data theft or unauthorized actions performed on the victim's behalf. The SOCRadar Vulnerability Risk Score (SVRS) is 53, indicating a moderate risk level: while not critical, this vulnerability requires monitoring and patching to prevent potential exploitation. Immediate action is not required, but keeping abreast of any new threat information associated with this CVE is advised.

In The Wild
Vendor-advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2025-01-12
2025-01-13

SOCRadar AI Insight

Description

CVE-2024-49785 is a cross-site scripting (XSS) vulnerability affecting IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data versions 4.8 through 5.0.3. This vulnerability allows an authenticated user to inject malicious JavaScript code into the web interface, potentially altering the intended functionality and leading to credential disclosure within a trusted session.

SVRS: While the CVSS score is 5.4, the SOCRadar Vulnerability Risk Score (SVRS) is 38, indicating a moderate risk. This suggests that although the vulnerability is exploitable, it may not be as critical as others and requires careful attention and mitigation.

Key Insights

  • Exploitability: This vulnerability requires an authenticated user, meaning attackers must first gain access to the system before exploiting the vulnerability.
  • Impact: The potential impact of this vulnerability is significant, as it could lead to credential disclosure and potentially full account compromise.
  • Widely Affected: The vulnerability affects multiple versions of IBM watsonx.ai, both standalone and on Cloud Pak for Data. Organizations using these platforms should prioritize mitigation.

Mitigation Strategies

  1. Update to Latest Versions: Immediately update to the latest versions of IBM watsonx.ai and Cloud Pak for Data. These versions include patches that address this vulnerability.
  2. Input Validation and Sanitization: Implement robust input validation and sanitization techniques to prevent malicious scripts from being injected into the web interface.
  3. Web Application Firewall (WAF): Deploy a WAF to filter out malicious requests and prevent XSS attacks from reaching the vulnerable application.

Additional Information

This vulnerability is actively being exploited in the wild. It is imperative that organizations using affected IBM watsonx.ai versions take immediate action to mitigate the risks.

If you have any further questions about this incident, please use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
Divya, 2025-01-13
A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for Data. This vulnerability exposes users to cross-site scripting (XSS) attacks, potentially compromising sensitive information. The issue arises from improper input neutralization in the Web UI of IBM watsonx.ai. Authenticated users can exploit this flaw […]
Source: gbhackers.com

CVE-2024-49785 | IBM watsonx.ai/watsonx.ai on Cloud Pak for Data Web UI cross site scripting
vuldb.com, 2025-01-12
A vulnerability was found in IBM watsonx.ai and watsonx.ai on Cloud Pak for Data. It has been classified as problematic. This affects an unknown part of the component Web UI. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-49785. It is
Source: vuldb.com

Social Media

"IBM disclosed a significant vulnerability in its https://t.co/Zaa2I0mGKr platform, potentially exposing users to cross-site scripting (XSS) attacks. The vulnerability, identified as CVE-2024-49785, affects both IBM https://t.co/Zaa2I0mGKr on Cloud Pak for Data #CybersecurityNews https://t.co/v7AzQsPUoV"

"CVE-2024-49785 IBM https://t.co/TCBKmuRQTR 1.1 through 2.0.3 and IBM https://t.co/TCBKmuRQTR on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authen… https://t.co/Zaw9WclCF8"

Affected Software

No affected software found for this CVE

References

Reference: [email protected]
Link: https://www.ibm.com/support/pages/node/7180723

CWE Details

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
