CVE-2024-52362

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-1286
View all →

Vulnerability Description

IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.

Related Vulnerabilities

CVE-2022-22176

MEDIUM
CVSS:6.5(Medium)

An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed ...

CWE-12862022

CVE-2023-21405

MEDIUM
CVSS:6.5(Medium)

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod proce...

CWE-12862023

CVE-2023-43850

MEDIUM
CVSS:6.5(Medium)

Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to cause a partial DoS of web interface via HTTP POST re...

CWE-12862023

CVE-2023-44204

MEDIUM
CVSS:6.5(Medium)

An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker...

CWE-12862023

CVE-2024-6173

MEDIUM
CVSS:6.5(Medium)

51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour config...

CWE-12862024

CVE-2025-24347

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file via a ...

CWE-12862025