CVE-2024-7885 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-7885 PUBLISHED CVSS 8.199999809265137 HIGH

Es bestehen mehrere Schwachstellen in IBM InfoSphere Information Server. Diese Fehler bestehen in den Komponenten Undertow und expressjs body-parser aufgrund einer Race Condition und eines ungeeigneten Mechanismus zur Url-Kodierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.

EPSS 10.70% · 93.3th percentile

Risk Scores

CVSS v4.0

8.199999809265137

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

10.70%

93.3th percentile

Affected Products

Vendor	Product	Versions
Oracle	Oracle Communications 15.0.0.0
Oracle	Oracle Communications 15.0.3
Oracle	Oracle Communications 24.1.1
Oracle	Oracle Communications 4.1.0
Oracle	Oracle Communications 9.0
Oracle	Oracle Communications 24.2.4
Oracle	Oracle Communications 8.6.0.4.0
Oracle	Oracle Communications 8.0
Oracle	Oracle Communications 24.2.3
Oracle	Oracle Communications 8.1
Oracle	Oracle Communications 23.4.0
Oracle	Oracle Communications 25.1.101
Oracle	Oracle Communications <=9.1.1.9
Red Hat	Red Hat Enterprise Linux
Oracle	Oracle Communications 14.0
Oracle	Oracle Communications <=24.2.3
Oracle	Oracle Communications 10.0.0
Oracle	Oracle Communications 9.2.0
Oracle	Oracle Communications 15.0.0.0.0
Oracle	Oracle Communications <=9.0.4

…and 32 more

Timeline

Aug 21, 2024 CVE Published
Aug 22, 2024 EPSS Score
Oct 5, 2024 Coalition ESS Score
Oct 17, 2024 Coalition ESS Score
Dec 30, 2024 Coalition ESS Score
Mar 17, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Apr 5, 2025 EPSS Score
Apr 15, 2025 EPSS Score
Apr 26, 2025 EPSS Score
May 4, 2025 EPSS Score
May 7, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1922.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1922 advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2305290 advisory
https://access.redhat.com/security/cve/CVE-2024-7885 advisory
https://rhn.redhat.com/errata/RHSA-2024:6508.html advisory
https://access.redhat.com/errata/RHSA-2024:6508 advisory
https://access.redhat.com/errata/RHSA-2024:6883 advisory
https://access.redhat.com/errata/RHSA-2024:7441 advisory
https://access.redhat.com/errata/RHSA-2024:7442 advisory
https://access.redhat.com/errata/RHSA-2024:7736 advisory
https://access.redhat.com/errata/RHSA-2024:11023 advisory
https://access.redhat.com/errata/RHSA-2025:16667 advisory
https://access.redhat.com/errata/RHSA-2026:0743 advisory
https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3307.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3307 advisory
https://www.ibm.com/support/pages/node/7174288 advisory
https://www.ibm.com/support/pages/node/7174289 advisory
https://www.ibm.com/support/pages/node/7174730 advisory
https://www.ibm.com/support/pages/node/7176660 advisory
https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0148.json advisory

…and 6 more

Open in Interactive Console →