Cyber Resilience

CVE-2024-31903

Severity: High

Published: 22 January 2025
Modified: 05 March 2025
CISA KEV: not listed
Vendor fix: patch available
CVSS v3.1 score: 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.1819 (95.3rd percentile)
Risk priority: 29 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-31903 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in IBM Sterling B2B Integrator. Its CVSS base score is 8.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 4.7% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 contain a deserialization of untrusted data flaw tracked as CVE-2024-31903 and CWE-502. The issue enables an adjacent-network attacker to supply malicious serialized objects that the application processes without sufficient validation, leading directly to arbitrary code execution on the host.

An unauthenticated attacker positioned on the same local network can exploit the vulnerability without user interaction. Successful exploitation grants full control over the affected system, resulting in complete compromise of confidentiality, integrity, and availability as reflected in the CVSS 3.1 score of 8.8.

The IBM advisory published at https://www.ibm.com/support/pages/node/7172233 details available patches and mitigation steps for the listed releases. The associated EPSS score has remained stable at 0.1819 with no material increase observed after disclosure.

Vulnerability details

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

Related Threats: MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Deserialization of untrusted data (CWE-502) directly enables unauthenticated remote code execution over the network on the vulnerable application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2023-38739 (same product: IBM Sterling B2B Integrator)
CVE-2023-50316 (same product: IBM Sterling B2B Integrator)
CVE-2023-49886 (same vendor: IBM)
CVE-2026-1264 (same product: IBM Sterling B2B Integrator)
CVE-2026-9330 (same vendor: IBM)
CVE-2026-9319 (same vendor: IBM)
CVE-2025-36368 (same product: IBM Sterling B2B Integrator)
CVE-2025-36072 (same vendor: IBM)
CVE-2025-2000 (same vendor: IBM)
CVE-2025-14031 (same product: IBM Sterling B2B Integrator)

Affected Assets

Vendor: IBM
Product: Sterling B2B Integrator
Affected versions: 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): flaw remediation directly mitigates CVE-2024-31903 by applying vendor patches that fix the deserialization of untrusted data vulnerability.

SI-10 Information Input Validation (prevent): information input validation checks and sanitizes untrusted data before deserialization, preventing arbitrary code execution from malicious serialized inputs.

SC-7 Boundary Protection (prevent): boundary protection limits adjacent-network access to the vulnerable IBM Sterling B2B Integrator system, removing the network proximity an attacker needs as a prerequisite.