CVE-2024-27266

CVSS 3.1 Score 8.2 of 10 (high)

Details

Published Mar 14, 2024

Updated: Mar 19, 2024

CWE ID 611

Summary

CVE-2024-27266 is a vulnerability affecting IBM Maximo Application Suite 7.6.1.3. This issue allows for XML External Entity Injection (XXE) attacks, enabling remote attackers to manipulate XML data during processing. The consequence can be the exposure of sensitive information or the consumption of excessive memory resources. IBM X-Force has assigned the ID 284566 to this security flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/umy00F
https://www.cve.org/CVERecord?id=CVE-2024-27266
https://nvd.nist.gov/vuln/detail/CVE-2024-27266

Back to Vulnerability Database

CVE-2024-27266

CVSS 3.1 Score 8.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations