Webmethods Integration
CVE-2024-45075
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (us) · only source for this CVE.
CVSS VectorVendor: us
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication.
AnalysisAI
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Missing Authentication for Critical Function (CWE-306), which allows attackers to access critical functionality without authentication. IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication. Affected products include: Ibm Webmethods Integration.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Require authentication for all sensitive operations, implement defense in depth.
More in Webmethods Integration
View allIBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be
CVE-2025-36049 is a security vulnerability (CVSS 8.8). High severity vulnerability requiring prompt remediation.
Privilege escalation vulnerability in IBM webMethods Integration Server affecting versions 10.5, 10.7, 10.11, and 10.15,
IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. Rated medium s
IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11.1 through 11.1_Core_Fi
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute co
IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CV
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today