Critical Vulnerability affecting IBM products (CVE-2024-41110)

Published On: Aug 16, 2024 19:00

Advisory No: TZCERT-SA-24-0022

Source: IBM

Software Affected: Moby

Overview

Multiple IBM products depending on Moby are vulnerable to critical vulnerability. Attackers can exploit the vulnerability to bypass authorization in the affected system.

Description

Multiple IBM products depending on Moby are affected by a critical vulnerability with CVSS base scores of 9.9 and tracked as CVE-2024-41110. The vulnerability is caused by improper authorization validation whereby through sending a specially crafted request, the attacker can bypass authorization plugins.

Impact

Successful exploitation of this vulnerability may allow the attacker to bypass security controls in the affected system.

Solution

IBM has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Report Incident