CVE-2024-49794: IBM ApplinX Cross-Site Request Forgery

Q: What is the severity of CVE-2024-49794?

CVE-2024-49794 has a moderate severity rating due to the potential for cross-site request forgery attacks.

Q: How do I fix CVE-2024-49794?

To fix CVE-2024-49794, apply the available patch from IBM ApplinX 11.1.0 Fix 2.

Q: What types of attacks are possible with CVE-2024-49794?

CVE-2024-49794 allows attackers to execute unauthorized actions on behalf of trusted users due to cross-site request forgery.

Q: Which versions of IBM ApplinX are affected by CVE-2024-49794?

CVE-2024-49794 affects IBM ApplinX version 11.1 and earlier.

Q: Is there a workaround for CVE-2024-49794 while awaiting a patch?

Currently, there are no documented workarounds for CVE-2024-49794; applying the patch is recommended.

Published Feb 5, 2025

Updated

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Other sources

IBM ApplinX is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

— IBM

Affected Software

2 affected componentsFixes available

IBM ApplinX<=11.1

IBM ApplinX=11.1.0

Event History

Feb 5, 2025

CVE Published

via IBM·12:00 AM

CVE Published

via MITRE·11:40 PM

Data Sourced

via MITRE·11:40 PM

DescriptionSeverityWeakness

Feb 6, 2025

Data Sourced

via NVD·12:15 AM

DescriptionSeverityWeaknessAffected Software

Parent advisories

This vulnerability appears in the following advisories.

IBM-7182522

Frequently Asked Questions

What is the severity of CVE-2024-49794?

CVE-2024-49794 has a moderate severity rating due to the potential for cross-site request forgery attacks.

How do I fix CVE-2024-49794?

To fix CVE-2024-49794, apply the available patch from IBM ApplinX 11.1.0 Fix 2.

What types of attacks are possible with CVE-2024-49794?