CVE-2024-22348 – IBM DevOps Velocity Cross-Origin Resource Sharing (CORS) Privilege Escalation

1月 21, 2025
1:04 am

CVE ID : CVE-2024-22348

Published : Jan. 20, 2025, 6:15 p.m. | 6 hours, 49 minutes ago

Description : IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-22348 – IBM DevOps Velocity Cross-Origin Resource Sharing (CORS) Privilege Escalation

Elvescore.io

Recent Posts

CVE-2025-0585 – aEnrich Technology a+HRD SQL Injection

CVE-2025-0586 – Enrich Technology a+HRD Insecure Deserialization Vulnerability

CVE-2025-0590 – Vulnerability in Carlcare (Mobile App) Information Disclosure

CVE-2023-52923 – Linux Kernel Netfilter nf_tables Dead Element Unlinking Anywhere

CVE-2025-0479 – CP Plus Router Cookie Flag Insecure Handling Remote Information Disclosure

CVE-2024-13176 – “Apache ECDSA Timing Key Disclosure Attack”

CVE-2024-22348 – IBM DevOps Velocity Cross-Origin Resource Sharing (CORS) Privilege Escalation

CVE-2024-22348 – IBM DevOps Velocity Cross-Origin Resource Sharing (CORS) Privilege Escalation