CVE-2024-41773

MEDIUM

Published Aug 20, 2024 Modified Aug 26, 2024 CWE-708

Description

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls.

CVSS v3.1 Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Weakness Type (CWE)

CWE-708 CWE-708

Affected Products

Vendor	Product	Versions
ibm	global_configuration_management	All
ibm	global_configuration_management	All

References

Advisories & Patches

https://www.ibm.com/support/pages/node/7165963

Other References

https://exchange.xforce.ibmcloud.com/vulnerabilities/350347

Frequently Asked Questions

What is CVE-2024-41773? +

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls. It has a CVSS v3.1 base score of 6.5 (MEDIUM).

How severe is CVE-2024-41773? +

CVE-2024-41773 has a CVSS v3.1 score of 6.5 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.

What products are affected by CVE-2024-41773? +

CVE-2024-41773 affects products from ibm, specifically: global_configuration_management. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-41773? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-40196 8.1

HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained …

CVE-2024-52561 7.8

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a …

CVE-2023-29122 6.7

Under certain conditions, access to service libraries is granted to account they should not have access to.

CVE-2024-45417 6.0

Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user …

CVE-2024-45426 4.9

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network …

CVE-2025-14262 4.3

A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other …

Quick Facts

CVSS Score: 6.5
Severity: MEDIUM
Published: Aug 20, 2024

Scan for this vulnerability

Check if your website or infrastructure is affected by CVE-2024-41773.

Website Scan Port Scan

Browse CVEs

Critical High CISA KEV ! Most likely exploited →