Intrusion PreventionIBM.Operational.Decision.Manager.datasource.JNDI.Injection
Description
This indicates an attack attempt to exploit an Input Validation Error Vulnerability in IBM Operational Decision Manager.
The vulnerability is due to improper handling of user input in the datasource parameter in requests to the server. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation results in the target server performing a JNDI lookup to an attacker controlled server, and in the worst case execution of arbitrary code under the security context of the affected server.
Affected Products
IBM Operational Decision Manager 8.10.3
IBM Operational Decision Manager 8.10.4
IBM Operational Decision Manager 8.10.5.1
IBM Operational Decision Manager 8.11.0.1
IBM Operational Decision Manager 8.11.1
IBM Operational Decision Manager 8.12.0.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.ibm.com/support/pages/node/7112382
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-04-24 | 27.774 | Default_action:pass:drop |
| 2024-04-10 | 27.764 | Sig Added |
| 2024-04-04 | 27.761 |
| ID | 55294 |
| Created | Mar 27, 2024 |
| Updated | Apr 10, 2024 |
| Risk |
|
| CVE ID | CVE-2024-22319 |
| Exploit Prediction Score | 26.53% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IBM |